Demystifying cloud cyber security
Cloud-hosted cyber security solutions offer protection on the edge, says George Senzere, pre-sales manager at ITD Global, Schneider Electric SA.
- External providers increase in significance.
- Ongoing battle probes organisations’ weak spots.
- Cloud-hosted cyber security solutions offer protection on the edge.
With the rise of edge data centres and an increase in cloud-based computing, companies are facing new challenges in end-to-end cyber security. To ensure proper protection, data centre teams must now assess both internal processes and strategies used by cloud suppliers.
According to George Senzere, Pre-Sales Manager Anglophone ITD Global, Schneider Electric South Africa, cyber security is a constant low-level conflict, where all infrastructures, systems and networks are constantly probed for weaknesses.
“Data centre profiles are quickly evolving. Protection requirements have expanded beyond the core, as edge computing adoption and the number of network nodes continues to grow. These shifts are changing the type of vigilance required, as criminals and bad behaviour never stop.
“To address this complicated task, start with a strategic cyber security plan that addresses both internal and external factors to prevent and mitigate cyber security attacks. This will take into account internal policies, but will also consider how chosen providers will ensure a safe environment to match the organisation’s security profile.
“With data centre assets now geographically dispersed, edge network endpoints make it impractical to attempt to replicate an on-premises ‘cyber security’ approach at every location. In distributed environments, the cyber security software that manages and monitors the infrastructure will sit on cloud platforms.
“This presents several new challenges for data centre managers, who retain responsibility for the security of distributed assets. This group has experience in dealing with third-party developed cyber security solutions deployed on-premises and optimised for particular environments. However, data centre managers tend to get nervous when information about the status of their facilities resides outside their data centre. Therefore, the suggestion that they should use cloud-based cyber security platforms to monitor and protect distributed, mission-critical assets often sits uncomfortably with their command and control, safety-first culture.
Adopting best practices
“Operations teams know that robust cyber security is built on policy, process and people. These become even more important when implementing cloud-hosted solutions. Getting the most from cloud cyber security platforms requires new user behaviour. For data centre operators, this means facing up to a few key questions around compliance, access control, data transport, data location and data privacy. Those using cloud-hosted cyber security solutions should consider:
1. Security policies that have been adapted for the cloud;
2. Multi-factor authentication is always used;
3. All security patches are current;
4. Data privacy and GDPR compliance responsibilities have been fully met;
5. Third-party penetration testing is run regularly;
6. Inbound and outbound systems are monitored; and
7. A DevSecOps approach is embraced internally and by your cloud provider (DevSecOps arose from DevOps to include information technology security as a fundamental aspect in all stages of software development).
“The number of attacks for financial gain or malicious intent will continue to rise. Thus, when choosing your cloud platform partner, due diligence has never been more important. As the number of services and critical applications grow at the edge, metadata that describes the condition of your edge data centres becomes even more valuable. Ensuring that cloud-based cyber security of edge data centre assets offers the appropriate protection cannot be left to chance.
“For Schneider Electric, cyber security is mission-critical, and that is why our cloud-based DCIM platform incorporates best practices to ensure cyber security protection. Working with the right partners ensures that your cyber security strategy will be focused on what matters most: increasing visibility, improving resiliency, and protecting data centres from the core to the edge,” concludes Senzere.
Schneider Electric is leading the digital transformation of energy management and automation in homes, buildings, data centres, infrastructure and industries. With global presence in over 100 countries, Schneider is the undisputable leader in power management – medium voltage, low voltage and secure power, and in automation systems. We provide integrated efficiency solutions, combining energy, automation and software. In our global ecosystem, we collaborate with the largest partner, integrator and developer community on our open platform to deliver real-time control and operational efficiency. We believe that great people and partners make Schneider a great company and that our commitment to innovation, diversity and sustainability ensures that Life Is On everywhere, for everyone and at every moment.