How to Mitigate Security Risks in the Cloud

How to Mitigate Security Risks in the Cloud

Enterprises continue to spend billions annually on security technology, yet cyber breaches continue to come fast and furious. So what exactly is going on here? Why are the odds stacked against the good guys?

It turns out there are some pretty good reasons why security remains so elusive. Many organizations simply don’t have the staffing resources to do battle with a heavily automated enemy.

What’s more, IT innovation and the move to the cloud is moving at light speed. Those can be good things, but the pace of change is also introducing a new level of complexity and unmanageability that is exposing us to human error. In many cases, we’re trying to fend off laser-guided missiles with defense shields designed for the last war, not this one.

To make it a fair fight, we need to invest in security where it is most needed. Rather than pour billions of dollars into the latest and greatest antivirus or firewall solution, organizations should invest in the ability to respond to incidents and prevent them from spreading.

We have to assume some attacks will get through our defenses. And we have to have the ability to quickly bounce back from an attack, rather than just trying in vain to block every attempt. It’s through this resiliency that enterprises can better defend themselves against cyber threats.

Security in the cloud

Really Secure.png

In the early days of cloud, there was a lot of hype suggesting that security problems would be a thing of the past. Of course, we now know that security breaches have only gotten worse. Cloud infrastructure is easy to build and easy to move. While this makes life better for application developers, it also makes keeping track of what is where, and what is protecting it, exponentially more challenging.

The cloud is evolving in its own way, with each vendor incorporating their own proprietary languages and adding ever-more feature complexity. Users, for their part, are struggling under these disparate tools because each cloud has a proprietary interface that needs to be learned and managed.

Here’s another challenge. Because the cloud delivers a new computing paradigm, it doesn’t easily merge with older systems. For example, a new Lambda Service from a cloud provider acts very differently from a legacy mainframe or datacenter app. And since your organization is probably not migrating 100% of IT to the cloud, that means you not only have to contend with the risks associated with your legacy system, you also have new risks associated with the cloud.

Pets vs. cattle

It’s helpful to think of the pets versus cattle analogy when talking about cloud security. We treat our pets like part of the family, showering them with love and tending to them when they’re sick or injured. But, when it comes to cattle, we have a very different attitude. Cattle, for their part, are a disposable commodity. The trick is to understand the difference between the two. Security teams need to know which assets are being treated as cattle by the IT organization, and which are managed as pets so they can apply the right fixes when issues arise.

Another significant challenge for security teams are the new architectures that the cloud introduces. Anyone with a puppy at home knows how important it is to gate off certain areas of the home to contain the mess and limit the havoc. But when traditional IT “pets” move out to the cloud, where do you install those gates – the firewalls, IDS/IPS sensors, DLP detectors, etc.?

The good news is that, in the emerging serverless era, where location is held to be irrelevant, there are certain benefits you can leverage to enhance protection. In traditional systems you would need a dedicated server and comms in and out, which presents a significant threat surface for an attacker.

But in a serverless environment, you can break off a small part of compute and hand it to a provider. The benefit here is that, if you don’t need admin access and don’t know the location, then it also becomes difficult for the bad guys to find it. Security teams, for their part, can just focus on the data that needs to be protected, and can pay less attention to where and how the compute happens, because that is now moved out of sight for everyone, friend and foe alike.

Resiliency in the cloud

A digital network is like an office building. If for some reason the building catches fire, you need to quickly respond to the incident and stop the blaze before it causes large-scale damage. Having a well-built structure made from the highest quality material can help. But that’s not all it takes to guarantee security. Only with holistic visibility can you check for structural integrity, and ensure that if something goes wrong, you’re alerted straightaway.

The same holds true for digital networks. In today’s cloud-based business world, breaches are inevitable. But they don’t have to be fatal. In fact, the ability to embrace resiliency and quickly respond to threats is a significant competitive advantage that will ultimately ensure success in the digital economy.

By Dr. Mike Lloyd

Kevin Julian

Patients Increasingly are embracing technology, and so must the pharmaceutical industry

Patients Increasingly Embracing Technology COVID-19 has driven home the need to use digital solutions more broadly, which means C-Suites may be turning to their CTOs for advice As lockdown restrictions went into effect due to ...
Juan Pablo Perez Etchegoyen

The S/4 HANA Decade is Here: Three Tips for a Successful Migration

Three Migration Tips For organizations using SAP, migrating to S/4 HANA is a project that’s either in the works or on the horizon as the 2027 deadline for completion looms. The new generation of SAP ...
Business Voip

Cloud Governance Best Practices & How “Legacy Governance” Hurts

Cloud Governance Best Practices The cloud can provide your organization with substantial benefits -- if you adopt an effective cloud governance model. Businesses established before the cloud era (or those that took their IT governance ...
Juan Pablo Perez Etchegoyen

Key Considerations for Keeping Mission-Critical Cloud Applications Secure and Compliant

Keeping Cloud Applications Secure and Compliant According to reports, nearly 70% of enterprises were moving mission-critical business functions and processes to the cloud before the pandemic. In today’s new normal, that number has skyrocketed. Organizations ...
Jim Fagan

Behind The Headlines: Capacity For The Rest Of Us

Capacity For The Rest Of Us We live in the connected age, and the rise of cloud computing that creates previously unheard of value in our professional and personal lives is at the very heart ...

PROXY SERVICES

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy

    Smartproxy

    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks

    Rsocks

    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.