Moving applications and services to the cloud helps enterprises gain agility, improve competitiveness, lower IT costs, and provide users with anytime, anywhere access to resources and data. It is estimated that the market for cloud computing will keep growing at a rate of 20% per year, reaching $116 billion by 2021. It is also forecasted that cloud computing will have virtually replaced traditional data centers in the same period. Clearly, trusted cloud security is a must-have as the majority of enterprises move their valuable assets to the cloud.
But here lies the conundrum: How do you gain competitive advantages from the cloud without putting your assets at risk?
Cloud security considerations and risks
With more data moving to the cloud, maintaining the sanctity and integrity of that data and ensuring cloud security becomes Job #1. And because of its very nature, securing cloud assets poses a number of unique security challenges.
- The cloud is a lucrative target because of what lies within, such as intellectual property, mission-critical trade secrets, and personal information.
- Because this is the currency of today’s sophisticated hackers, enterprises need to employ cloud security measures that protect cloud assets and keep hackers at bay.
- By its very nature, cloud security needs to be a shared effort between cloud service providers (CSPs) and users, with each playing a critical role in deploying safeguards, consistent policy, and controls.
In one recent study, it was found that the highest-priority concern for most IT executives when considering cloud adoption and cloud migration was cybersecurity – how to protect data, assets, and infrastructure when the organization no longer controls the entire technology stack.
In its recently published cloud security research report, Gartner predicted that “through 2020, 95% of cloud security failures will be the customer’s fault.” Coupled with another finding that one in four organizations have already experienced a data theft that affected its presence in the public cloud, it becomes imperative that cloud providers and cloud users work together to prioritize secure configuration and implementation of those aspects of the cloud they can control.
Emerging cloud security best practices
Although there are risks associated with cloud services that aren’t present in a traditional on-premises IT environment (virtualization and cloud tenant isolation, shared network endpoints, third-party trust, etc.), many of the recent headlines bear a consistent underlying theme: data exposures were attributable to improperly configured, user-controlled cloud assets and user-defined security controls, not risks associated with the underlying cloud infrastructure or cloud service.
When moving to the cloud, it is important that you take the time to review your security posture and determine what changes and controls need to be implemented to operate securely.
To avoid becoming another statistic, you should:
- Be sure you have visibility into all of your assets (both on-premises and in the cloud)
- Prioritize assets based on their criticality to your business
- Continually scan for vulnerabilities across all relevant attack vectors
- Get prescriptive fixes so that you can quickly remediate issues
- Enforce consistent overlay and underlay security policies across sites and cloud provider domains
With cloud fast becoming the new normal, cloud security becomes a strategic imperative for most organizations. As you seek a flexible infrastructure that supports your drive for business agility, it is critical that your organization fully understands the shared responsibility model and deploys all needed security measures as you move data or applications to the cloud.
Organizations must undergo a fundamental shift in their security thinking when operating in the cloud. With cloud computing, you share responsibility for security with your CSP(s). While you don’t have to manage physical servers or storage devices, you do need to use software-based security tools to monitor and protect the flow of information into and of out of your cloud resources.