Top 7 things to get right in hybrid Cloud security
The Future of Hybrid Cloud Security
Cloud remains essential and became a competitive advantage "thanks to the value creation capabilities allowed by APIs" according to Diego Segre, IBM Europe vice-president and business partner. In fact, Cloud spending increased by more than 23% in 2018. According to IDC predictions, investments in Cloud, and particularly in public Cloud, will continue to grow until 2021 to reach more than $277 billion in the USA.
According to Gartner, by 2020, 90 percent of organizations will have moved to a hybrid cloud infrastructure. In 2019, more companies will choose a hybrid-Cloud approach that will allow them to benefit from the efficiency and innovative services of Cloud solutions.
In a 2018 survey, Gartner reported that 60% of companies that implement visibility and control tools for their Cloud will experience one-third fewer security breaches. Moreover, through 2020, public Cloud workloads are anticipated to experience 60% fewer security incidents than those hosted in the traditional datacenter.
Although the Cloud is now mainstream (as shown by the explosive growth of AWS and Azure), Cloud security remains mostly misunderstood by enterprises. Moreover, 88% of Netwrix 2018 Cloud Security survey respondents believe that a data breach in the Cloud would impact their business.
Addressing Cloud security does not mean starting from a clean sheet, but rather expanding on current controls. Here are our top 7:
Identity and Access Management
Authentication and authorization remain a foundation of security, so enterprises need to extend their user directories to Cloud services, for example using Azure AD or AWS AD. Furthermore, security teams must apply a least-privilege policy to users accessing Cloud services, with a particular focus on administration accounts. It is not always easy to get ACLs right in the new Cloud services, but some tools exist that can provide guidance and help with assessments.
According to McAfee, all companies are looking to secure their data by restricting access. Enterprises must perform data access assessments to improve the overall security of their hybrid infrastructure and to identify their cyber risk exposure.
Sensitive data inevitably makes its way to the Cloud, with 21% of all files in the Cloud containing some form of sensitive content (Cloud Adoption and Risk Report from McAfee). Tools to preserve data confidentiality, such as encryption, are easily accessible but require teams to get key management right. Again, CISOs do not need to re-invent the wheel but rather support Cloud key stores.
New applications can benefit from the features and agility of Cloud infrastructures. Applications still need to be tested for vulnerabilities, and against standards such as the OWASP Top 10, before being deployed into production. The important point here is that application security tools must be integrated into the DevOps toolchain, and CISOs must have a dashboard that gives them complete oversight of full-stack security, including application vulnerabilities.
Cloud Workload Protection
In a lift-and-shift scenario, enterprises can start taking advantage of the benefits of Cloud infrastructures without a significant investment. Tools such as anti-virus, anti-malware and vulnerability management can be re-used without putting an extra burden on the teams. Enterprises can then focus on digital transformation and migration to containers or a serverless environment. Workload protection must support these new technologies, and everything centers around automation so that the solutions can be smoothly orchestrated.
Cloud Posture Management
Enterprises tend to think that AWS or Azure will tackle security for them through measures they have in place. While this may be true regarding data center security, workloads and the configuration of Cloud services remain the responsibility of enterprises. This imposes new requirements on the security team, and it is crucial to deploy solutions that assess Cloud Security Posture in a continuous and automated way and evaluate it against standards such as CIS AWS and CIS Azure.
Visibility and Operations
Typically, organizations look to migrate to a new infrastructure as quickly as possible to be operational and take advantage of the Cloud. It is imperative to build on solid foundations, knowing in real time which users have access to resources and data.
Security solutions that expose APIs and use Cloud APIs allow organizations to inventory the entire infrastructure, detect bad configurations and give full-stack visibility to Operations.
Continuous Assessment and Automation
Continuous assessment brings increased visibility and also gives the company a better chance of spotting abnormal behaviors and thereby reducing risk. Security teams alone do not have the time to continuously check the full stack and the elasticity of Cloud assets. Therefore, automation is fundamental to putting security issues into a business context and allowing for prioritization. A hybrid setup can be overwhelming for security teams to manage, given the different skill sets needed for these infrastructures.
Multi-Cloud and Hybrid Cloud are everywhere. The security of this kind of infrastructure should no longer be a barrier in 2019. Learn more about how our Cloud security solution works by supporting most Cloud infrastructure providers while handling legacy as well.