The cloud offers a multitude of advantages; however, as with any large-scale deployment, it can also present unforeseen challenges.
The concept of the cloud being “someone else’s data centre” has long irked security pros: it reinforces the notion that security responsibility is someone else’s problem.
It is true that cloud systems, networks and applications are not physically located within a company’s environment. Cloud infrastructure providers manage how the environment is set up and monitored, as well as what is put into it and how data is protected.
But ongoing security responsibility and risk mitigation fall squarely with the customer, and what is most important is how risk is managed to align with the existing security framework.
Cloud security privacy risks
GDPR and its ‘sister’ policies in the US (as seen with Arizona, Colorado and California) have meant organizations are being faced with new requirements for protecting data in the cloud.
While it used to be as simple as deploying Data Loss Prevention (DLP) in a data center, nowadays, due to data center fragmentation, this is no longer viable. There are now services, systems and infrastructure that are no longer owned by the organization, but still require visibility and control.
Cloud services and infrastructures that share or exchange information can also become difficult to manage. For example, who owns the SLAs? Is there a single pane of glass that monitors everything?
DevOps has forced corporations to go as far as implementing micro-segmentation and adjusting processes around firewall rule change management. Additionally, serverless computing has provided organisations with a means by which they can cut costs and speed productivity by allowing developers to run code without having to worry about platforms and infrastructure.
Yet, without a firm handle on virtual private clouds and workload deployments, things can quickly spin out of control and data can begin leaking from one environment just as a comfortable level of security is achieved in another.