Can You Afford the Risk of Not Going Digital

Risk of Not Going to the Cloud

If you’re considering a migration to a public cloud environment, you’re most likely motivated by the potential to reduce costs, while increasing capital efficiency, productivity, agility, and overall scalability. Yet with so much to gain, many organizations are still not convinced this is the right strategy, and often cite security as their main concern.

Polling results confirm that there is a common view that the public cloud entails simply too much of a security risk. As an example, in a recent poll,  IT leaders either believe that the cloud is less secure than their on-premise deployment or that they have equivalent security in place now.

Don’t bury your head in the sand

It’s hard to say why this misconception still exists. Many CIOs and IT leaders may prefer a hands-on approach, believing that they have better and more secure systems simply because they’re on-premise. “If I can see it, I can secure it,” seems to be their thinking – yet this logic isn’t sound.

No matter the reason, the fact remains that public cloud environments are inherently more secure than on-premise, legacy systems. Cloud Service Providers generally have more employees – with more experience – focused on security, unlike the average organization that has a limited headcount or even makes security a shared responsibility for their already over-burdened IT staff. Additionally, cloud vendors also have powerful tools and specialized services at their disposal to monitor networks, identify anomalies, and respond to potential threats. Another benefit of cloud service providers – they must also go through frequent, comprehensive testing and auditing in order to comply with stringent regulations and meet service-level agreements with their own customers. Legacy systems do not usually get this same attention.

Achieve better security on day one in the cloud

There’s one other important distinction. Unlike legacy, on-premise systems, cloud services such as Amazon Web Services (AWS) have benefitted from large-scale investments in scalable hardware, configuration and process automation, and the integration of critical log information. This combination of conditions means that many security flaws associated with on-premise security challenges are solved on day one of a cloud migration. Scale, maturity, and a vast universe of integration and solution partners help cloud vendors maintain an unparalleled security environment.

All of this means that cloud vendors are better equipped to address many security challenges that still confront IT and SecOps teams today. For example, cloud deployments successfully overcome three challenges related to conventional (on-premise) networks today: visibility, identity and access management services, and policy declaration and enforcement.

  • Visibility is the detailed understanding of how users, applications, and IT resources are behaving and it is better in the cloud than it is in conventional networks. Now, you can easily see account usage, user behavior, infrastructure management, application/service activity, network activity, and more, which is more difficult and expensive to develop and maintain within on-premise systems.
  • Fully integrated identity and access management (IAM) services that provide credentials for all aspects of cloud interaction and declare which user identities exist and what privileges they possess.
  • Comprehensive policy declaration and enforcement that enables both ad hoc and continuous auditing of AWS resources and their internal configurations.

Defeat known and unknown threats in the cloud

Yet even as you overcome such security challenges, you may still wonder how you can defend against known or unknown threats in the cloud.

To achieve this goal, there are two important questions to consider: “How are my cloud resources configured?” and “What are they doing at any particular time?” We will take a closer look at what both questions entail.

  • Asset configuration: The first step is knowing the configuration state of all your cloud resources, including services, devices, users, and policy objects. Once you have this information, you’ll know if these configurations are consistent with your expectations and best practices and if they are ideally configured with respect to known problems or Vulnerabilities.
  • Asset behavior: Of course, not all problems are known before they happen. Malware that exploits undiscovered software vulnerabilities, usage of stolen credentials, and user misbehavior are all examples of issues that can’t be detected through configuration management policy management and can lead to significant security problems.

With the right instrumentation and visibility of the AWS environment, it becomes possible to gain insight into specific behaviors demonstrated by each AWS resource. However, this instrumentation can be a firehose of data. In such an environment of “information overload,” it becomes very difficult to isolate one behavior and determine if it represents a potential security problem.

The endpoint modeling advantage in cloud security

This is where endpoint modeling can help. This technology automatically discovers the role and behavior of cloud resources, and then tracks that behavior continuously to detect when risky or threatening behaviors occur. Then, if one of these assets begins to act abnormally, or in a way that is unexpected, endpoint modeling generates a real-time alert. Security professionals can then quickly investigate to determine if this behavior represents a potential threat and if so, take the most effective action to remediate it.

Endpoint modeling maintains a software model using input from structured data feeds from the cloud vendor itself. For example, in an Amazon Web Services (AWS) cloud environment, endpoint modeling uses AWS services such as VPC Flow Logs, AWS CloudTrail, Amazon CloudWatch, AWS Config, and Amazon Inspector.

In the case of VPC Flow Logs, they provide visibility into the network traffic that AWS servers send or receive. When any AWS VPC resources have a network interaction, a VPC Flow Log entry is made that records the details of the network conversation, including the source and destination, ports, protocol, byte count, and packet count seen. These logs are significant because they represent an auditable record of all network interactions within an AWS VPC.

Together, these AWS services represent a comprehensive visibility layer for any AWS footprint, and provide out-of-the-box visibility into account usage, user behavior, infrastructure management, application and service activity, and network activity. AWS users obtain the benefit of these services without having to bear the maintenance or capital costs required to provide them. By contrast, obtaining similar levels of visibility in on-premise environments is extremely difficult – if not impossible – for most organizations today.

Go confidently to the cloud

Despite the lingering perception that public clouds present too much of a security risk, they are more secure than on-premise, legacy systems for most applications when used in combination with next-generation tools built on top of the rich security information framework established by these clouds. So, if you’ve been putting off a cloud decision thinking there’s too much risk, it may be time to re-think your strategy.

By Bryan Doerr

Virtana

Episode 8: Managing Cloud Strategy During the Chaos of 2020, Plus an Outlook for 2021

An Interview with Kash Shaikh, CEO of Virtana Companies are wrestling with the idea of moving to the cloud, staying on-prem or finding a hybrid solution. Kash Shaikh, the new CEO of Virtana, looks at ...
Business Voip

Cloud Governance Best Practices & How “Legacy Governance” Hurts

Cloud Governance Best Practices The cloud can provide your organization with substantial benefits -- if you adopt an effective cloud governance model. Businesses established before the cloud era (or those that took their IT governance ...
Jim Fagan

The Geopolitics of Subsea Connectivity

Subsea Connectivity Digital transformation and the migration of data and applications to the cloud is a global phenomenon. While we may like to think that the cloud knows no borders, the reality is that geopolitics ...
Juan Pablo Perez Etchegoyen

69% of Enterprises are Moving Mission-Critical Information to the Cloud

Why Security matters According to a research study by the Cloud Security Alliance (CSA), 69% of enterprises are moving mission-critical information to the cloud. These migrations are massively complex and take meticulous planning to ensure ...
The Top 20 Cybersecurity Startups To Watch In 2021

The Top 20 Cybersecurity Startups To Watch In 2021

20 Cybersecurity Startups Cybersecurity, privacy and security startups have raised $1.9 billion in three months this year, on pace to reach $7.6 billion or more in 2021, over four times more than was raised throughout ...

PROXY SERVICES

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy

    Smartproxy

    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks

    Rsocks

    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.