Cirrus, stratus, nimbus: clouds come in many configurations, but the misconfigured clouds are the ones to watch out for. They are those small but deadly problems with your organisation’s cloud, that often go unnoticed, and unreported, until it’s too late.
For many businesses, cloud security has posed a challenge for the last decade or so. Social distancing has made it more relevant than ever, as it’s likely that at least some, if not all, of your business is cloud-based now, making it easier to cope with a fully remote workforce.
The pandemic poses a challenge to cloud security. As reports appear of hackers using coronavirus as a way to scam individuals and businesses, the pressure is on to prevent data breaches and to keep your cloud secure.
Security has become a key driver in cloud adoption according to Ross O’Donovan, information security practise lead at Logicalis Ireland.
“People are concerned about going with a public cloud rather than a private infrastructure, but the vendors – AWS, Azure and others – are a lot more mature now,” he said.
Customers are beginning to see the possibilities with cloud, including the potential for built-in security.
“We’re seeing a particular focus on security by design, building cloud structures the right way in the first place and then letting them expand with their changing business requirements,” O’Donovan said.
It seems inevitable that some aspects of our current situation will endure beyond the present moment. The shift to remote work was already under way and, if anything, the pandemic will inspire organisations to enhance their remote capabilities, centred around their use of cloud services
“I think some people who may have been considering a hybrid strategy have pivoted to a Cloud first strategy now,” said O’Donovan.
“They don’t want to take that risk again. Resilience is important here; customers are looking for a secure, resilient, scalable environment.
We’ve seen customers whose existing infrastructure wouldn’t support 5,000 remote users because the physical platforms were never designed to do so, and others with a smaller cloud footprint who were able to scale up overnight.”
O’Donovan stressed that security is always changing, with a wealth of security options to choose from.
“We’re seeing cloud security vendors moving towards proactive monitoring. Vendors like Cisco, Checkpoint and Palo Alto are always monitoring the environment,” he said.
“You can either opt to alert yourself to insecurities within a short timeframe – 15 minutes to an hour – or, once you’ve configured a server or application in-line with your security policy, you can enable auto-compliance, which means that any attempt to implement an insecure/non-compliant change is automatically denied. Once you set that policy, it’ll keep auditing, and if there’s any attempt to change it will alert your security teams.”
If you want to speak to an expert from our Security Practice about security in the cloud, please contact the team at Logicalis today.