As companies make the move to the cloud, security is a top concern. A strong security foundation, however, needs to be built on a clear understanding of what the cloud is and how your company can best leverage it. Simply put, the cloud is the Internet—more specifically, it’s all of the things you can access remotely over the Internet. When something is in the cloud, it means it’s stored on Internet servers instead of your computer’s hard drive or an on-premise server.
Many people use the word “cloud” to mean a replacement for a data center. While the cloud can encompass servers, storage and databases, it can also include networking, software and analytics.
When your company has defined how it is going to use the cloud to full advantage, moving beyond the cloud as a data center, there are two important points to determine. You need to establish how employees will be using the cloud and formulate a clear cloud strategy for your overall organization. Once those have been decided, your business will be ready to determine how security should be established in its cloud environments.
Three key considerations for cloud security are:
Identity and Access Management
The first security component that is highly important in the cloud is identity and access management. When companies use a data center model, traffic coming in and out is controlled through a firewall. Access to the corporate network can also be limited by requiring employees to use a VPN. With cloud providers and external cloud environments, there is more potential exposure to threats, so how you manage identities becomes critical. Depending on the defined roles of users enrolled and how you’re managing devices in the cloud, your company can be well secured or it can get compromised pretty easily.
You need to make sure what you implement is managed in the right way, with the right user accounts and the right roles. One of the key components to have is multi-factor authentication for anyone who accesses the cloud environment from the Internet, even from the corporate network. In addition, device and service identities add complexity to securing cloud environments especially in a multi-cloud architecture.
A Cloud for Each Use Case (Zero-Trust)
Companies need to put a secure architecture into practice. Organizations often have many use cases for employees in their cloud environment, but have only one cloud or cloud account. The clear way to cloud security is to create different clouds for each use case. Map the use cases to the cloud environments that are created for each one of them. This can be better done creating a zero trust architecture and micro-segmentation between resource types.
For example, your human resources department might be one specific use case. HR employees should log in to a mini-cloud that is part of the bigger cloud environment for your company. Limited access allows employees to get to what they need to do their jobs, but segments users in a way that makes monitoring the cloud environment easier. These are high level principles that RSM uses to build a zero trust reference architectures and improve security through the use of micro-segmentation.
Cloud Activity Monitoring
Once the identity and access management pieces have been established, logging, monitoring and alerting is critical to cloud security. In many use cases, employees may have a high level of privileges into different types of services. In some cases, if you give enough privileges to someone in your cloud environment, those people might misconfigure things by mistake or deliberately. If your organization doesn’t have the right logging and monitoring, you might be exposing things to the Internet. Also, your cloud can evolve over time and the way data is exposed can change, as well.
You want to be able to identify those changes and exposures with alerts when they happen, so you can deal with them right away. When your cloud environment gets compromised, you need to identify the issue and contain the incident as much as possible. Then you need to extract anything malicious from the environment before modifying your cloud to make sure the incident doesn’t happen again.
Want to find out more about how RSM can help your organization develop, monitor and manage its cloud strategy, infrastructure and security? Schedule a call with one of our experts today.