Cloud adoption is not something in our future—it’s today’s reality. Recently, McAfee, like many other enterprise organizations, implemented a “cloud first” policy. That is, we prioritize on cloud-focused architectures for our solution development and business to ensure we meet the scalability and agility requirements of both the public cloud and private cloud data centers. And we aren’t the only ones. According to the latest SANS survey, “Security and Accountability in the Cloud Data Center,” almost a quarter of respondents (24%) are in organizations adopting a “cloud first” strategy. The shift to the cloud is on, and moving at lightning speed. Leveraging the cloud is essential for organizations to keep up with business demands and stay competitive.
Vanishing Perimeter Erodes Defense
In the past we had centralized IT, where it was easy to draw a line around the boundary of the organization and rely on perimeter security to keep the organization safe. With highly mobile and cloud-savvy end users dominating your workforce and your lines of business dependent on cloud-based applications, the network perimeter has become permeable. Now, it is nearly impossible to draw a tidy line around where your organization ends and the internet begins.
The erosion of the network perimeter, coupled with end-user access to cloud applications and compute, has resulted in today’s decentralized reality. In a perimeterless environment, the speed at which data can move from a device to the cloud, and the many paths that it can take, make it extremely difficult for security professionals to maintain visibility and control of corporate data.
According to the latest SANS research, most organizations believe the agility and flexibility of cloud-delivered services outweigh the perceived loss of visibility and control. Seventy percent of respondents’ organizations use public cloud computing services despite long-standing fears about information security and the lack of visibility into cloud provider security controls.[i]
Among other notable findings from the SANS study, 48% of respondents store employee data in the public cloud, and 24% store customer financial information even though 62% find unauthorized access by outsiders and cloud tenants (chosen by 59%) to be their biggest security concerns related to cloud application use.
Cloud Security Requirements
The evolution to cloud has brought to us faster line-of-business provisioning, elastic scaling, as well as portability and fluid cost models. We find ourselves in a digital landscape that is much more agile and elastic than our current security solutions were built to address.
It is imperative that cloud security solutions deliver these three requirements:
- Monitor what is happening in the cloud. Determine what new workloads have been spun-up and if they are secure. See and control east-west traffic and provision security automatically as needed.
- Provide visibility of Shadow IT. Automatically apply data security and malware protections to discovered SaaS applications and sensitive data in the public cloud. Discovery is only part of the solution. Obtaining visibility of SaaS application and AWS workload usage in your organization is important, but don’t stop there. Data protection and malware detection are needed for your public cloud instances, to ensure sensitive data is secured and your resources are monitored for a breach or an attack.
- Unify private, public, and hybrid security in one management and communications platform. A new approach is needed for integrated, automated, and orchestrated security. This is the only way to ensure that security in, to, and from the cloud is as simple, economical, and secure as any other cloud-enabled service.
Most firms adopting the cloud are adjusting their security programs to ensure a secure transition. They are also partnering with security vendors that recognize that cloud may require changes in the solutions they bring to market.
Moving to the cloud is inevitable. Moving to the cloud securely is imperative. You need a new generation of security and privacy technology to enable cloud-driven business, and that is why you require a security partner that is committed to building “cloud first” solutions.
[i] “Security and Accountability in the Cloud Data Center: A SANS Survey,” October 2016