Page 16 - CDM-Cyber-Warnings-March-2014
Security vendors have tried to respond by retrofitting existing security solutions to adapt to the cloud, but unfortunately without much success. Cloud architecture differs from a traditional network, so physical security appliances, or any approach that depends on network switches, persistent IP addresses, and other traditional network elements, are not as effective. Even virtualized physical solutions cannot provide the level of integration needed to support the rapid scaling requirements of today’s elastic cloud solutions. Furthermore, traditional security technologies cannot give you full visibility into network traffic within the cloud, and you risk missing anomalies that may indicate a security issue. As a result, you could put your business at risk of cyber-attack and the resulting losses of revenue, customer trust, brand reputation, and even investor confidence.

What’s required is security technology designed to give you the flexibility to comply with security regulations while effectively monitoring and protecting your cloud-based applications and data stores. Product technologies available today include web application firewalls with adaptive learning engines and broad compliance coverage, automated log management solutions, intrusion detection systems (IDS), anti-virus, DDoS mitigation, iptables, identity management with context-aware threat identification and blocking capabilities, and vulnerability assessment. But you must know which technologies are the best fit for your particular cloud environment. What is your cloud provider already doing, and what more could your security vendor do to keep applications and data secure?

What to ask your cloud provider

Your cloud provider is probably responsible for providing the physical security for the data center and all of its security policies.
To ensure effectiveness, the provider must manage the cloud infrastructure in a methodical way so that all patches are current and all of the right ports are closed to keep cyber intruders out. Your cloud provider should be able to give you satisfactory answers to questions like:

Is the cloud provider giving you a good range of cloud-native security tools, such as log management, web application firewalls, malware protection, anti-virus, DDoS mitigation, iptables, and identity management, to cover all of the bases of cyber threats?

Can the cloud provider give you access to monitoring and management tools to help you analyze and monitor all of the network traffic that is passing to and from the cloud?

Can these monitoring services provide useful data that can drive proven, actionable plans to deal with security incidents?

Can you track cloud provider assets from the backend, so that you are monitoring traffic not only from your network to the cloud but also from your network to the service provider?