THE EVOLUTION CLOUD SECURITY: NOW, NOW, AND TO COME
Join this teissTalk for answers to the most pressing questions in the Information Security industry, including:
When: 5 -5, -2021
LIVE Today at:
11;00 New York ( Eastern Time Zone) ; 1600 London , 18:00 Ankara , 19:00 Dubai, 1:00 Sydney
Register here www.teiss.co.uk/talk
For more information, please visit:
For more information on evets:
THE EVOLUTION CLOUD SECURITY
Ahmed Nabil is the Guest Author
Everyone is talking about the cloud, and the benefits of moving your environment infrastructure, platforms, and other resources to the cloud. This is true for me. Consider the current Corona virus pandemic and the mandate for remote working. Imagine the ease of this model if you have a cloud environment or are using cloud-based technologies that allow you to connect from anywhere and deliver the same quality as if it were in your office.
What is cloud computing?
NIST 800-145 defines the characteristics of cloud service as being on-demand service, broad network access and resource pooling. This definition is helpful for security professionals. As you can see, the driving factor of cloud was productivity, availability, and resilience. However, security is not included in this equation.
Problem is, once you start using cloud services, it becomes an endless project. Cloud services can be extended or migrated to add more tools, computers and servers to your IT portfolio. This means that you have a completely new area of attack or network perimeter that needs to be secured.
The cloud will bring new challenges to your IT environment.
This is a complete change and security is designed to address all these challenges.
Information Security Transformation
Many businesses are moving to the digital age by using the most recent technologies. This transformation is mainly driven by the need to compete with digital native startups. Digital startups are disrupting the industry and forcing competitors to either move to new digital businesses or exit the market.
Information security will face both new challenges and opportunities in the digital and IT world. As we have discussed, the challenges are huge. However, there is also an opportunity to solve long-standing security issues using the new technology platforms and the cloud.
With the above-mentioned problems, it is clear that the old network perimeter has changed. In the past, your perimeter was your office network. To access and work on your files and data, you had to check in at your office. Cloud has made the network perimeter obsolete. Users can access the cloud from any device or platform and work anywhere.
The identity perimeter, the modern perimeter, is the main protection. This means that your identity controls (Information assets and end-point devices) are the primary protection. This requires a new architecture mindset that is based on the cloud/customer cloud responsibility matrix.
Cloud and Customer Responsibility Sharing
Some users believe that moving to the cloud will make their lives easier by default, while others feel they are more vulnerable. In reality, it is a shared responsibility of both the user and the cloud provider. Cloud will offer better security options, but again, the user must use it and configure it to get maximum benefit.
Let’s take the Software as a Service (SAAS), which is one of most popular models for leveraging the cloud. The below Cloud/Customers responsiblities are