When companies move to the cloud, it’s crucial that they know where the cloud provider’s security role ends and where theirs begins.
The shared-responsibility model is one of the basic tenets of a successful public cloud deployment, and often the least understood. It requires vigilance by both the cloud provider and customer – but in different ways.
Amazon Web Services (AWS), which developed the shared-responsibility philosophy when it introduced the public cloud, describes it succinctly as, “knowing the difference between security in the cloud versus the security of the cloud.”
This model, which is radically different from how organizations are used to securing their own data centers, often creates a “disconnect” for newer cloud enterprises. Their first question is often, “Is the cloud secure?”
The real question is, “Is my cloud being managed securely?”
The security of the cloud refers to all the underlying hardware and software: compute, storage and networking, in both the customer’s and the provider’s environments. But the cloud provider takes care of theirs; the customer takes care of theirs.
The configuration of the foundational services is in the hands of the customer, including the likes of: customer data; apps and identify-and-access management; operating system patches; network and firewall configuration; data and network encryption; continual security and compliance monitoring; resource allocation … the list goes on.
If this seems overwhelming, it’s because it is. Especially for bandwidth-strapped IT folks who may not have the time, resources or expertise to configure, continually optimize, monitor, secure, ensure compliance, etc. … for all the organization’s cloud resources and users, 24x7x365.
2. Prolific new product releases
At AWS’s big re:Invent conference in Las Vegas this December, the company introduced 70 new products and features.
To keep up with the new releases, incorporate their functionalities, and learn how to manage and secure them, is a continual job that few people have time to do. One of the major releases from re:Invent was the introduction of Amazon Outposts.
This release recognizes customers’ desires to have a single, managed platform with the value of the AWS cloud tools, while still maintaining their data on-prem, in their locations.
The job of managing your cloud environment and its security expands exponentially with the proliferation of capabilities and services of cloud providers like AWS.
3. Desire for a single managed platform to manage multi-cloud services
With so many releases and new products being introduced into the mix, it becomes very difficult for an on-prem IT team to manage.
That’s where a third-party managed service provider comes in: to keep up with the continual updates; to constantly monitor, optimize and secure; to keep eyes on your enterprise at all times, and to keep you informed along the way…all in a single, managed platform to which you have access.
Many companies that use a primary public cloud provider (like AWS) turn to third-party resources to help them fill in the gaps in their own skillsets and knowledge, and to augment the tasks required to properly manage and secure their cloud environments. This spreads-out the accountability for the “care and feeding” of the overall IT infrastructure. That’s why cloud managed services, like PTP’s platform, are gaining immense popularity right now.
When it comes to the continual monitoring and configuration of security services such as user access, authentication, security breach alerts, security threat remediation, and the like, many companies prefer not to leave it up to chance. They hire a third-party to ensure that their cloud environment is under the watchful eye of certified cloud security experts who can immediately spot, remediate and report on any malicious activity. – Read more