Page 17 - CDM-Cyber-Warnings-March-2014
P. 17
How your security vendor can help Keep in mind that even when a cloud provider can demonstrate the strengths of its own security and patching programs, security in the cloud is a shared responsibility. Typically, you will be responsible for securing the application and portions of the network and host layers of your cloud-based infrastructure to ensure its availability. That means making sure that you are effectively managing and monitoring the infrastructure for quick identification and resolution of security incidents. This is where a trusted partnership with your security vendor can ensure that you are using the right cloud-native security solutions for web application, network and host defense. This includes log data analysis, intrusion detection systems, and malware detection. Talk to your security vendor about: Availability of security technologies that are cloud-centric and can be easily integrated into an enterprise security strategy to protect all of your infrastructure resources, both physical and virtual Security solutions that have been proven to deploy, work, and rapidly scale in the cloud What is needed to properly monitor, analyze and respond to security events in the cloud Helping you identify your company’s specific cloud security needs so you can build the right level of cloud protection to accomplish compliance and security. Securing your castle in the cloud It’s no longer a matter of whether you will host some business applications in the cloud, but when you will make that move. Whether you have already built a new castle of virtual servers and virtual desktops in the cloud or are developing a new web application strategy, start talking to your cloud hosting provider and security vendor now about working together to build the strongest virtual moat against today’s escalating cyber threats. About The Author Stephen Coty is Director, Threat Research at Alert Logic in Houston TX and a member of ISSA, Infragard and the HTCIA. Before coming to Alert Logic he was the Manager of Cyber Security for Rackspace Hosting. Prior to Rackspace he has worked at several companies including Wells Fargo Bank, Applied Materials, Stanford Medical Center and The Netigy Corporation. He has been in the Information Technology field since 1992 with a focus on Security as of 1999 where he started as a penetration tester and auditor. Research has been his primary focus and passion since 2007. Stephen can be reached online at [email protected] and at www.alertlogic.com " # % " $ " # ! !
