Securing the Public Cloud, Whose Responsibility is it?
Security is a shared responsibility between the cloud provider and the customer. The ‘shared responsibility’ model stipulates that cloud providers (e.g. AWS, GCP, Azure) own the security “of” the cloud. This applies to both hardware and software underpinning the cloud infrastructure itself. From a user perspective, it is the responsibility of the party consuming the cloud service(s) to secure those assets (work-streams, data, and applications) that reside “in” the cloud.
The cloud is an evolving execution venue for IT. Each new variation of cloud computing changes the specifics of the operating model, so the responsibilities for securing those environments are equally liable to change over time.
Considerations of Note:
1. Understand precisely who owns security in your cloud environment.
Datacentres are complex environments. Modern enterprises own an ever-increasing computing ecosystem: new applications, exponential data generation, storage and consumption, coupled with a network in constant flux. If it already sounds like managing this stretches the limits of human scale, you’re not wrong. Now take all this and deploy it in someone else’s datacentre. Welcome to the public cloud.
How exactly can we secure all of the above? Lack of security ownership in any element of the above model is the perfect recipe for a reactive security approach, rather than a preventative one. The news headlines covering the latest data breach in “Company X” show us how effective a reactive security approach can be.
2. Visibility is King. Monitor, then act.
Visibility of our entire cloud architecture is imperative. We cannot secure that which we do not have oversight of.
Intelligent tools utilising cloud providers’ APIs are available today and invaluable in providing holistic and detailed visibility of our cloud environments. Such tools can highlight any work-streams, applications, data-stores and network configurations where vulnerabilities could be present. The resulting intelligence offers an accelerated remediation solution – one that can be automated. The “beyond human scale” problem just became less daunting, right?
3. Work with a trusted partner to proactively build security architecture from the ground up.
Speak to Gyrocom today to secure your cloud deployments.
Gyrocom is a network and security company. We support your digital transformation with secure, automated and simple-to-manage solutions for the data centre, branch office and cloud.