Home » New Cloud Models Need New Security Thinking

New Cloud Models Need New Security Thinking

application deliveryThe Big Migration

For the last 5 years, the “great cloud migration” has been underway as IT organizations plan and orchestrate the exodus of applications from data centers to Infrastructure as a Service (IaaS) providers. The benefits to the balance sheet are as clear as the risk associated with using infrastructure outside of an organization’s physical footprint.

Challenges faced

The promises of cloud infrastructure are many, including enabling teams to move fast. How can organizations ensure their teams are responsible without slowing down the rapid delivery that the cloud can offer? By implementing solutions that enable a healthy security posture in areas such as application access management, file management and deployment processes teams can move quickly and safely.

Old vs New

In a traditional setup, Virtual Machines (VMs) can be coupled to a service such as a database or an application performance management tool. In the world of the cloud a common best-practice is to separate these services from the application. By provisioning application-specific credentials using access management tools such as Microsoft’s Azure Active Directory or the AWS Directory Service organizations can ensure that their applications have the right access to the cloud services they need without depending on a single user’s credentials.

File Storage Challenges

While IT organizations utilize the cloud for applications, file storage is another area where the cloud shines. Due to the sensitivity of storing files outside of controlled data centers security in the cloud is particularly important. Using tools such as SFTP, Syncthing, and Rclone organizations can ensure file are sent, synced and encrypted securely.

Using Internal Teams for Initial Deployments

Implementing execution-level tactics can be helpful, however, a roll-out is often the best way to affirm that your plan is as secure as it is functional. Exercises such as deploying low-risk internal applications used by the IT department can be a good first step when working through cloud migrations. Creating incentives that support the team to call out potential security risks around the migration process and cloud configuration can lead to failing fast and safely while being transparent. KEMP’s application delivery controllers come with a WAF solution that supports both commercial and homegrown rule sets, giving teams the ability to test during deployments.

A New Approach Is Key

Traditional security processes and tooling that originate from the data center centric approach are not always compatible with cloud-centric technologies. In order to gain the most out of a cloud solution, it’s important to remember that rethinking your teams and their tools can offer a secure and efficient environment where teams can thrive.

You may also like

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy