Page 19 - Cyber Warnings
Why Enterprises Need a Multi-Layer Approach to Public Cloud Security
Security has long been the principal fear that weighs on cloud investments. While perceptions
are improving, Intel Security’s recent State of Cloud Adoption study found that data breaches
remain the biggest concern of companies deploying Software as a Service (SaaS),
Infrastructure as a Service (IaaS), and even private cloud models. A 2015 survey by Crowd
Research Partners found that nine in 10 security professionals worry about cloud security.
These concerns, however, are not stopping enterprises from investing in the cloud. The Intel
Security study found that while confidence in cloud security is increasing,
only one-third of respondents believe their senior executives understand the security risks.
Investments in cloud security should be commensurate with the level of migration to cloud
services.
But budgeting for security in the public cloud is distinctly different from planning for on-premises
prevention. One fundamental shift is that cloud providers use a “shared responsibility model”
that spreads risks between vendor and customer.
Another difference is that customers don’t buy the same mix of products and equipment to secure the
cloud that they do in the data center.
Budgeting for security in the public cloud begins by considering which applications and
infrastructure components will live there. Some, like website hosting and document serving, are
of relatively low risk and don’t demand the most stringent safeguards. Also consider the
consumption models you’ll use.
SaaS providers generally assume responsibility for security at the application and system
levels. However, IaaS providers tend to cede those responsibilities to the customer. What’s
more, no public cloud provider is likely to assume responsibility for user access and data
protection, although there are measures they can take to support your own efforts.
There are three levels of security to consider as you build out your public cloud strategy:
System-level security for IaaS
This is secured plumbing: systems-level components such as operating systems, networks,
virtual machines, management utilities and containers. Here, you want to invest in cloud
providers that make it easy for you to keep your systems current with the latest patches and
updates.
19 Cyber Warnings E-Magazine – September 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide