How to avoid common mistakes when moving to the cloud
FYI, this story is more than a year old
With more than 30% of the global cloud market and a wide variety of customisable features, Amazon Web Services (AWS) have become the go-to provider of cloud services for many companies.
But access, ease-of-use, and the pace at which DevOps teams make changes requiring continuous monitoring of configurations go hand-in-hand with critical security concerns, as many enterprises discovered after experiencing a breach in the AWS cloud.
Fortunately, there are steps you can take to keep your company secure. Security teams need to understand their part in the shared responsibility model, where customers retain control of what security they choose to implement to protect their own content, platform, applications, systems, and networks, no differently than they would for applications in an onsite data centre.
The complexity of Amazon’s feature-rich service means that users aren’t always aware of the best security controls and practices of the system.
With organisations in various stages of public cloud adoption and with different cloud maturity capabilities, an organisation’s maturity level combined with Amazon’s speed of innovation requires to focus on configurations that may be exploited in a specific context.
One key driver behind the move to the cloud is the promise of an elastic, scalable service that supports your organisation as it grows and your security needs change. No capacity planning or regular hardware upgrades required.
However, to deliver on that promise, you can’t simply move traditional, on-premises security technologies into the cloud. From the start, Netskope built a cloud-native security platform for SaaS, IaaS, and the web.
Using a containerised, microservices-based architecture, Netskope Cloud Security was designed so that every component of the security service can seamlessly scale based on the needs of our customers.
When you have a separate product architecture for web security that is different from your product architecture for cloud security, you miss advanced threats that use the combination of cloud and web to cause damage. One example is an attack that delivers a malicious payload from a website and uses a cloud storage app for command and control.
Getting visibility into both the cloud storage side to detect the script execution and seeing the payload movement from the website will help you get a complete picture of this threat and control all stages of the attack.
The Netskope Cloud Security platform was built from the ground up to analyse both cloud and web transactions in real time, decode rich contextual details about usage, and identify anomalous behaviour and risky activities for users of both web and cloud. That includes identifying threats and anomalous behaviour that takes places across cloud and web.
The cloud presents a tremendous opportunity to make your users more agile and collaborative, giving your company a competitive edge. There is an opportunity to embrace both IT-led and user-led cloud services, but it’s important to do it safely.
Netskope is represented by Katana Technologies, an IT security and risk-focused distributor servicing the New Zealand and ASEAN market with select and specialist partners.