Moving business securely to the cloud [Q&A]
A large majority of enterprises are now using the cloud, but moving to cloud-based solutions inevitably presents challenges, not least in security.
We spoke to Sam Humphries, Security Strategist at SIEM (Security Information and Event Management) specialist Exabeam to get her views.
BN: What impact has cloud had on security?
SH: Cloud has a myriad of benefits, but has without doubt added complexity with requirements for security. Visibility has been the first challenge for security teams since, well: security. Now visibility must also extend into every virtual cloud and cloud service used by an organization. With today's typical hybrid environments, security teams need a line of sight into legacy infrastructure, multiple cloud providers, and a myriad of function-specific apps and services.
BN: What is cloud security?
SH: Cloud security is a big topic -- for the most part it is about protecting, defending, and remediating cloud-based systems, data and infrastructure from attacks and breaches. Cloud security applies multiple levels of controls that protect an organization's IP, and their employee and customer data, whilst also supporting regulatory compliance requirements.
BN: How does cloud security differ from traditional cybersecurity?
SH: The cloud is very different from 'traditional' on-premises infrastructure, so it makes sense that security will be different, too. There's a common misconception that The Cloud is one big thing, but there are a lot of nuances.
- Responsibility: with cloud applications and services, the cloud service provider and the customer share varying degrees of security responsibility, whereas with an on-premises infrastructure the enterprise itself is responsible for security end-to-end.
- Connectivity: Unlike with on-premises, cloud applications, infrastructure and services don't tend to generate log files. Logs are commonly used by security teams to find issues -- so for cloud security they commonly rely on APIs to collect the information they need.
- Resources: with cloud security, dynamic resources lead to blurred security boundaries and no clear perimeter; with on-premises security static resources contain security boundaries at the network perimeter.
As more workloads move to the cloud, better tools are being developed to secure both data and environments. Traditional security tools are often less effective in the cloud as they weren't built with it in mind.
BN: Can you explain more about the benefits of cloud-native security services and tools?
SH: Typically, organizations migrate security tools to the cloud to minimize the resources and overhead associated with owning and maintaining on-premises equipment and software. This means security teams can avoid system sizing, maintenance, uptime management, and product upgrades. In addition, reducing engineering effort to deploy and maintain new solutions allows security analysts to complete tasks faster and frees engineers up to focus on other projects.
BN: What's the take-up rate of cloud-native security tools?
A recent Exabeam survey revealed that 88 percent of respondents had accelerated their adoption of cloud-based security products to support the remote workforce. That same study also showed that 56 percent of respondents have between a quarter and a half of all their security products in the cloud.
BN: What are the main benefits to be derived from this switch from on-premises to the cloud?
SH: Many assume that the key reason for going to the cloud is to save money. It's much more than that -- it's savings of time, lower ongoing maintenance, elasticity, and availability. A cloud-based model delivers improvements in multiple areas including monitoring and tracking of attacks, access to latest features, faster time to value, less maintenance and lower CAPEX. Added benefits include reduced cost and maintenance issues, as well as eliminating the need to route cloud data to on-premises data centers.
On a positive note, with the pandemic driving the shift to a remote workforce, our recent study showed that 83 percent of organizations have significantly improved efforts to ensure better visibility into cloud-based applications. A quarter of those questioned, 25 percent, believe they have 'very good visibility' into cloud-based applications.
BN: What's the effect of the recent shift to remote working and what trends do you expect to develop from this?
SH: In order to support the needs of the remote workforce, many organizations had to move to the cloud at considerable speed, but possibly to the detriment of security. Unfortunately, I think that we will see both security and compliance breaches in the coming months that would not have occurred in normal times when due diligence could be applied at a more acceptable pace. However, now the dust has settled it's time to be revisiting decisions now to understand and remediate risk, whilst continually supporting the distributed workforce.
On the plus side, for certain industries, technology as an example, the shift to remote working is arguably a good thing as it opens up opportunities for a lot of people who could not historically attend an office from 9-5.