Embracing Public Cloud and cyber security challenges
Organisations are moving their IT footprint, i.e. core and end users (VDI etc.), to the public cloud, but this disrupts the efficacy of traditional security controls. Conventional security controls implemented to safeguard on-prem/private cloud IT assets are not equipped to mitigate risks after the move to cloud, or to safeguard hybrid and multi-cloud environments.
Reasons for moving to the hybrid cloud or public cloud:
For many application workloads and implementation scenarios, the public and hybrid cloud offer more technical flexibility, faster scaling, and lower operating costs than on-premises servers or private cloud platforms. On flexibility and scaling, the major cloud-service providers (CSPs) now offer a wide range of cloud products and services across infrastructure, application platforms, application development and maintenance (ADM) tools, infrastructure management, and consulting. Additionally, major CSPs are launching native and open source artificial intelligence and machine learning platforms and ISV applications, which organizations can easily adopt and implement for unique use cases in digital analytics and for IoT, RPA and blockchain-enabled services. These platform services available in the cloud can drastically reduce an organization's time to go live from a few months to a few weeks, without any huge capital investment and without the risk of money going down the drain if the project is not successful or does not deliver its full business potential. In addition, the number of third-party applications has exploded, and they are natively available in the marketplace. Software providers are also giving organizations a significant benefit by making their enterprise software portable to the cloud environment, so there is no fear of wasting the investment.
Companies eyeing a move to the public cloud can take advantage of these solutions to smooth the transition, support their operations, directly impact their customers and get real business insights through next-gen technologies. A hybrid cloud strategy gives an extra benefit: organizations can rebalance on the basis of regulatory controls, or when billing for certain services goes through the roof, and bring those services back to control these issues.
Lower costs and conversion to opex are another important benefit. Companies can reduce their operating costs by transitioning selected activities that deliver a lower total cost of ownership (TCO) in the public cloud.
Cyber Security Challenges:
Despite the public cloud's agility and flexibility benefits, security considerations held companies back from migrating to the public cloud at scale until a few years ago. This sentiment has changed, and the majority of CISOs now accept that the cloud is more secure than what they have implemented on-prem or in their organization's private cloud.
Using the public cloud disrupts the traditional cybersecurity models that many companies have built up over years. Cybersecurity technologies for on-premises IT systems, such as identity and access management (IAM) and data loss prevention, are unlikely to work as intended unless they are reconfigured to function effectively in the public cloud or to manage the load distributed in a hybrid cloud or a multi-cloud environment.
Multiple parties (CSPs, tool vendors, managed-security-service providers (MSSPs)) jointly have a role in ensuring the security of data in the public cloud. Certain areas, such as IAM, operational monitoring, and application-level controls, can be particularly challenging, since responsibility is shared by the CSP, third-party solution providers, and the enterprise itself.
Faced with this lack of understanding and the prospect of testing the water in uncharted territory, many companies have chosen to stick with on-premises servers or private cloud despite the potential benefits of the public cloud. In a few other cases, a mismatch in expectations about the challenges of the shared responsibility model has prevented them from making the shift to public cloud. A seemingly continual stream of major security breaches at organizations that recently migrated to a public cloud, with attackers increasingly scanning for vulnerabilities and mistakes in user configurations, has also increased fears among executives. For example, the speed and flexibility that cloud services provide to software developers can be a double-edged sword and, without appropriate configuration governance, lead to insufficiently protected environments. In many of the high-profile breaches, misconfigured storage bucket settings are a common vulnerability (poor control), highlighting the need for enterprises to have the necessary in-house knowledge and capabilities to manage security in the public cloud.
CSPs offer a robust selection of security solutions and enablers, and the roll-out of new technologies is simplified by the centralized nature of the public cloud. CSPs are also constantly evolving their security offerings to stay abreast of threats, and continuously refreshing the features and controls offered to customers. Hence, enterprises are assured that they are getting the latest, most effective solutions. Moreover, cloud service providers are working closely with specialist security software solution providers and incorporating add-on security services to strengthen IAM, audit and vulnerability management tools, which can quickly identify any security issues at the click of a button. They are also strengthening their core services by making security solutions that are tried and tested in the enterprise environment portable, so that the same controls can be replicated in the cloud environment, protecting and standardising the security posture in a hybrid or public cloud environment.
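The configuration governance mentioned above can be made concrete as an automated check over exported storage bucket settings. The following is an added example, not part of the original article: it assumes AWS S3-style field names (the article names no provider), uses hypothetical function names, and runs on a constructed inventory.

```python
# Assumption: AWS S3-style settings; these ACL group URIs mean "everyone".
GLOBAL = "http://acs.amazonaws.com/groups/global/"
PUBLIC_GROUPS = {GLOBAL + "AllUsers", GLOBAL + "AuthenticatedUsers"}
PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls",
            "BlockPublicPolicy", "RestrictPublicBuckets")

def is_wildcard(principal):
    """True for Principal "*" or {"AWS": "*"} / {"AWS": ["*", ...]}."""
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return principal == "*"

def audit_bucket(cfg):
    """Return sorted findings for one bucket's configuration dict."""
    findings = []
    pab = cfg.get("PublicAccessBlock") or {}
    if not all(pab.get(k) for k in PAB_KEYS):
        findings.append("public-access-block-incomplete")
    for grant in cfg.get("Acl", {}).get("Grants", []):
        if grant.get("Grantee", {}).get("URI") in PUBLIC_GROUPS:
            findings.append("public-acl:" + grant.get("Permission", "?"))
    stmts = (cfg.get("Policy") or {}).get("Statement", [])
    for s in [stmts] if isinstance(stmts, dict) else stmts:
        # Simplification: any Condition is treated as restricting access.
        if (s.get("Effect") == "Allow" and is_wildcard(s.get("Principal"))
                and not s.get("Condition")):
            findings.append("public-policy:" + s.get("Sid", "unnamed"))
    return sorted(findings)

def audit_inventory(inventory):
    """Map bucket name -> findings, leaving out buckets with none."""
    report = {name: audit_bucket(cfg) for name, cfg in inventory.items()}
    return {name: f for name, f in report.items() if f}

# Constructed inventory (hypothetical buckets, not real data).
INVENTORY = {
    "example-dev-uploads": {
        "PublicAccessBlock": {"BlockPublicAcls": True},
        "Acl": {"Grants": [{"Grantee": {"URI": GLOBAL + "AllUsers"},
                            "Permission": "READ"}]},
        "Policy": {"Statement": [{"Sid": "PublicRead", "Effect": "Allow",
                                  "Principal": "*", "Action": "s3:GetObject"}]}},
    "example-finance-archive": {
        "PublicAccessBlock": dict.fromkeys(PAB_KEYS, True),
        "Policy": {"Statement": {
            "Sid": "VpceOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
            "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-EXAMPLE"}}}}},
}
```

Calling audit_inventory(INVENTORY) reports only the first bucket; a check like this belongs in the deployment pipeline so that a public grant is caught before it reaches production.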