In environments as complex and fluid as the typical enterprise cloud, there are hundreds, if not thousands, of instances and accounts, and knowing what or who is running where and doing what is only possible through sophisticated automation. New technologies are rolling out faster than enterprises can find security professionals who have experience working with them, and the greatest vulnerability of all is also the most common: lack of visibility. Today’s multicloud environments require a great many pieces to be managed – microservices, containers, Kubernetes, serverless functions and the list goes on. In some cases, the number of different providers or services has made it easier for grey areas and misunderstandings to creep in, where the business doesn’t expect the responsibility to be theirs, or vice versa, only to find out it is. Unfortunately, as valuable as the shared responsibility model is, the services each party is responsible for differ from provider to provider, making it challenging for organisations to keep track of their security role in each cloud. The company assumes responsibility and management of the guest operating system (including updates and security patches), other associated application software as well as configuration of the firewall. This shared model can help relieve the organisation’s operational burden as the cloud provider operates, manages and controls the components from the host operating system and virtualisation layer down to the physical security of the facilities in which the service operates. Most cloud providers rely on the shared responsibility model, which distributes accountability for security and compliance across the company and the cloud provider. The ongoing migration to multiple cloud environments has made this even more challenging. Despite the massive investments companies have been making to help safeguard their data and systems, constantly growing technology ecosystems, alongside constantly growing threats, have made cyber security an increasingly complex task. Over the past few years, as more high-profile breaches made the news – and as more data has started making its way into the cloud – security has become the number one priority for organisations. Paul Spagnoletti, Business Executive: Cloud & Security at iOCO.
0 Comments
Leave a Reply. |