Sophos webinar: Seven best practices for securing cloud
The use of multi-cloud affects security in a number of ways and organisations need to know what measures to take to avert threats, says Sophos.
With the exponential deployment and expansion of hybrid multi-cloud services across industries comes a plethora of security issues as cyber criminals seek to take advantage of loopholes in these environments.
Angela Mace, CRM and Events director at ITWeb, says this is the reason Sophos is hosting a ‘Securing the Cloud’ webinar, in conjunction with ITWeb, on 24 March 2020.
The webinar will explore the seven best practices for securing applications in the public cloud.
“Today organisations utilise cloud services from multiple service providers in order to meet all their business needs,” she says. “It is crucial they understand all the security risks that come with this so that they can effectively prepare themselves. This Sophos webinar will take the attendees through the best practices of securing their organisations’ public clouds.”
Richard Beckett, senior product marketing manager at Sophos, says the use of multi-cloud affects security in a number of ways and organisations need to know what measures to take to avert threats.
“As organisations look to expand in the cloud, take advantage of top growing services in serverless, containers, and Kubernetes, or adopt methodologies such as CI/CD and DevOps, they should be aware of the techniques used by cyber criminals to target hidden gaps in security responsibilities, misconfigurations, user access roles, and permissions,” he says.
“The secret to effective cyber security across dispersed environments in Amazon Web Services, Microsoft Azure and Google Cloud Platform, is to improve your overall security posture, ensuring your architecture is secure and configured correctly.”
It is also important to have visibility into your architecture and into who is accessing it, adds Beckett.
“The rapid growth of cloud usage has resulted in the fractured distribution of data, with the average organisation now utilising at least two public cloud platforms. This multi-platform approach compounds the visibility challenge for security teams who must switch from platform to platform for a complete picture of cloud assets.
“The easier the management experience the easier it is to cut incident response times, increase threat detection, and reduce compliance audit headaches. Not to mention aiding retention of valuable team members,” adds Beckett. “Look for agentless solutions that allow you to monitor multiple cloud provider environments within a single SaaS console. Reducing the number of tools, time, and people needed to manage security across multiple cloud accounts and regions.”
Look out for misconfigured cloud resources and over-privileged identity access management roles, Beckett warns. The need for automated security is clear as cyber criminals increasingly take advantage of automation themselves in their attacks. “Automating your cloud security controls is one of the best ways of keeping cyber criminals at bay,” he notes.
Beckett is responsible for product marketing of Sophos public cloud and SaaS e-mail security tech. After getting his break working with tech start-ups and telecoms VARs, he spent the best part of his 20s and 30s in product management and product marketing for premium IaaS hosting brands, before joining Sophos in 2016.
Follow this link to register for the webinar.