Cloud Hosting

Gartner lists cloud computing as one of the top technology investments for the next five years, and the global public cloud computing market is set to reach $258 billion in 2019. The ability to access data from anywhere is the top reason for cloud adoption, with about a third of companies IT budgets going to cloud services.

However, many enterprises transitioning to an only cloud or hybrid cloud environment are unnecessarily hitting roadblocks on issues of security and privacy. There is a common misconception that organizations can fit old security practices into the new cloud environments and when they fail to do so, the cloud environment is blamed. In fact, the cloud is inherently secure if you follow best practices to secure it. In this blog we separate myth from reality when it comes to cloud adoption.

This is one of the most persistent myths about cloud security that just wont die.

The notion that an on-premise data center and its security is more robust than cloud security is fundamentally flawed. On the contrary, the cloud can be more secure than on-prem. However, this requires following the best practices made for the cloud, and leaving behind the checks and balances we had in the pre-cloud world.

Since the cloud is made up of software, it is much more malleable than the physical infrastructure. It can be updated, audited, and secured in a more complete way than was possible with the physical nature of the pre-cloud environment.

This malleability however, is a double-edged sword. The main problems facing cloud security are still security misconfigurations and human errors. It is these glitches and configuration errors that lead to the notion of an inherent insecurity of cloud buckets.

In a recent survey of cloud professionals, nearly 22 percent of respondents linked a data breach to compromised credentials. That is why Identity and Access Management (IAM) policy for cloud apps is one key area that must be prioritized in cloud adoption strategies.

Cloud is inherently safer by design, but only when the best practices of cloud adoption are followed to a T. When set up and maintained correctly, the cloud can be much more secure than on-prem environments.

The cloud is made up of physical servers. While cooling, power, fire suppression, physical security, and server maintenance are someone elses headache, aka, the cloud service providers, the need for backups is still your responsibility.

Bugs, human errors, cyberattacks that corrupt or damage data etc, require the possibility to revert back to a previous known sound version. This is something that youre responsible for, and the cloud provider wont do it for you. Setting up backups is something that you need to handle.

A cloud service provider can support you in your efforts to be secure and compliant. Still, its up to you and your organization to do everything necessary to meet regulatory and compliance requirements. That is why it is crucial to deploy continuous monitoring of both technical and non-technical cloud compliance requirements.

Your cloud provider is responsible for the security of the cloud, while you, as a customer, are responsible for security in the cloud.

The cloud vendor is responsible for managing the host Operating System (OS), the virtualization layer, and the physical security of its facilities. But it is up to the customer to ensure security within a given cloud environment.

Dont forget about your share of responsibilities. You are responsible for configuring and managing the security controls for the guest OS and other apps (including timely updates and security patches), as well as, setting up the access control. Additionally, you are responsible for encrypting data in-transit and at-rest.

One of the most pervasive myths is that data cant be audited as effectively in the cloud as it could be on physical servers. This simply isnt the case. As the CTO of the U.S. Department of Veterans Affairs states with proper tooling, you can conduct much better audits in a cloud-based environment.

To power up your audits, you need to combine training with tools. Spend time with personnel who conduct audits to see how their work is carried out. Then walk them through your companys tool capabilities and how to utilize these to alleviate some of their pain points.

When set up and maintained properly, cloud can be more secure compared to pre-cloud environments.

It is tempting to sign off and just let your cloud service provider handle everything in the cloud. Providers bring with them powerful capabilities and also take on some parts of the security, such as updating the physical layers, and virtualization layers. But properly conceived security wont be provided straight out of the box, and it never will be.

Your developers and DevOps teams are ultimately the ones who build the cloud environment. If they run wild and you dont have visibility and necessary controls in place, you wont be secure. However, if you handle the cloud the way it should be handled you will be secure. Its as simple as that.

Due to the intertwined and complex nature of cloud environments, the basic foundation of securing a cloud environment is gaining full-stack visibility into all its assets. This entails a complete understanding of what is happening in the entire cloud environment across all of its layers: the cloud infrastructure level, operating systems, applications, and data.

Orcas Cloud Visibility Platform was built for the cloud. Not only does it provide you with full-stack visibility, but it also makes audits easier when compared to pre-cloud environments.

Read the original post:
Debunking the Myths Associated with Migrating to the Cloud & Cloud Visibility - Security Boulevard