Securing everything – even the cloud
Gartner recently noted that South Africa is one of the fastest-growing regions for IT spend and much of it fuelled by cloud-related migrations.
The cloud’s impact has been colossal, particularly in South Africa. Yet this is not a uniform migration. Workloads, applications and data are being distributed to public cloud platforms, private clouds and on-premises sites.
Companies are pursuing cloud’s most alluring feature – its dynamism – but that comes at the cost of the security parameter. Strategies such as multi-cloud are taking their place along with other parameter-busting practices such as remote working and supply chain access to company systems.
Unfortunately, as IT resources become more dynamic and costs get driven lower through savings and value, this increases the attack surface for criminals. Sadly as the versatility of the cloud era grows, so do security concerns – and the market is worried about this.
Rudi van Rooyen, Security Engineer at Axiz, says one of the first things customers need to ensure is that they’ve got the same security controls moving to the cloud as they have on-premises.
Building security everywhere
But can it be done? Fortunately, cloud providers have been applying themselves towards collaborating with top vendors to integrate security products into their platforms. It is then the job of providers such as Axiz and their partners to match those features with the customer’s security processes.
Once implemented, the result should resemble another concept that has become important in recent years: a single view of the environment. The idea applies to multi-cloud, wherein administrators want a view of all the assets they oversee, no matter where these are located.
Van Rooyen adds that successful multi-cloud management needs a single view and the same applies to security in such environments. "You want a singular platform with a management view that gives you full visibility of your cloud environment, end-point environment, data centre environment, mobile environment, OT environment – it doesn’t matter. Everything today is connected, so you want to have visibility of them all at the same level.”
The downside is that even though this makes sense, it only recently become viable as vendors and service providers focused more on single-view platform features.
Sweat the little things
Reality is that accurate visibility starts with factual and reliable information, which is why assessing your security requirements is always the first step. An assessment helps identify the environment’s pain points and priorities, such as where it is most likely to be attacked. But examples of such discoveries aren’t limited to weak passwords or where the business’ data crown jewels are stored.
Van Rooyen points out that something as routine as patching policies can be a serious problem if not managed adequately in a hybrid or multi-cloud environment: “Is the customer more prone to a Web-based attack? Are they more prone to social engineering attacks? Are some of the infrastructure outdated or not running the latest firmware? There are exploits that result from not proper patching.”
Security engineers use this information to devise the appropriate approach, such as which technologies are best to improve the security posture. Fortunately, many companies already have some security products in place – these can be used to help create that baseline and suggest further integration opportunities. The approach is applied across the board, including the cloud.
“The security requirements can change depending on where you look, but the result has to be a homogeneous security management layer that covers everything,” said Van Rooyen. “Some customers think they are fine because the native security of their cloud provider looks good. But it’s often not enough, because the security has to match the customer’s requirements, not the cloud provider. Security and security policy should follow the workloads and data wherever they go. That’s why you must have an integrated and overarching view of everything.”
Gain back time
Creating such visibility helps introduce another vital component of modern security. Automating security processes is a fantastic way to reduce pressure on security professionals and security costs.
“A lot of the mundane procedures an engineer would have to analyse can be automated. Using machine learning and artificial intelligence essentially cuts off 80% of what the engineer normally looks at. They can focus on the remaining 20%, armed with multiple reference points and metadata to make better and faster decisions.”
This is significant because cyber attacks are often prolonged and sophisticated multi-pronged attacks that probe for weaknesses to exploit. The deluge of warning messages notoriously hamstrings security professionals, most of them false positives. Attackers hide in that noise, but a visible, automated and informed environment turns the tables on them.
Just like sunlight kills infections, visibility deters cyber attacks. The rising popularity of the cloud has made such visibility a challenge. "But take a leaf from the multi-cloud management trend: if you want to secure everything, create a single view that encompasses them all, and integrate your systems so that security follows your assets."