In a world where data breaches dominate the headlines, I find myself in a lot of conversations on the topic of cloud security.
People often assume these hacks are pulled off by brilliant programmers exploiting obscure vulnerabilities. Some CIOs I’ve worked with as the founder of a cloud and DevOps automation company have even held back on leveraging public cloud services due to these concerns.
The truth is, I’ve found that cloud security issues are typically less dramatic than most people think. For example, security issues could be related to simple misconfigurations due to human error.
The public cloud is secure. Vendors like Microsoft, Amazon, Google, and IBM have many cloud security experts maintaining and supporting their platforms. (Full disclosure: I’m a former employee of Amazon and Microsoft, and my company is a Microsoft Certified Partner.)
I believe leaders need to recognize that cloud security is a shared responsibility between both the provider and the customer. IT teams should take ownership of their role in supporting cloud resources and make sure they’re following vendor-recommended security best practices.
Here are some of the most common cloud security mistakes I’ve seen repeated consistently by customers in the real world that should be avoided at all costs — and what you can do instead. – Read more