Barracuda Networks’ Chris Hill gives advice on how to translate on-premises security to the cloud with ease
Caspar Herzberg |
This article was originally published in the Spring 2019 issue of The Record. Subscribe for FREE here to get the next issue delivered directly to your inbox.
Not all on-premises solutions will work the same, if at all, in the cloud. Cloud infrastructures themselves contain numerous security services that need to be incorporated, and the very mechanisms behind operating securely in the cloud are different to traditional on-premises solutions.
Companies who have been successful in designing and deploying an actionable cloud security framework focus on five pillars, each of which is addressed in sequence as those customers migrate to and operate within a cloud ecosystem.
These five pillars are:
1. Identity Access Management (IAM): To develop an actionable IAM pillar, customers must: enable single sign on; enable multiple-factor verification for administrators and users; use role-based access controls and provide access as needed; and lower exposure of privilege accounts.
2. Detection Controls: To develop an actionable Detection Controls pillar, customers must: deploy detective controls at layer 4 to layer 7 and protect applications; understand how IDS differs from firewall protections; and have a thorough understanding of all monitoring and logging activities that are performed as part of in-place detection systems.
3. NetSec – Network Security: To develop an actionable NetSec pillar, customers must: understand the policies and benchmarks that are appropriate to their organisations and the cloud; and deploy solutions that translate those benchmarks into actionable results, such as firewalls or security monitors that look at the cloud.
4. Data Protection: To develop an actionable Data Protection pillar, customers must: have complete visibility of information and data stored in Microsoft Azure; have controlled versioning of data; protect data at all times; and encrypt their data at all times.
5. IR – Incident Response: To develop an actionable IR pillar, customers must: unify IR strategy across the board – both cloud and on premises; detect and remediate on a continuous basis; and leverage all available preventative tools which can prevent incidents.
Customers who achieve actionable cloud security approach leverage these pillars in a sequential manner. By understanding security this way, organisations can ensure they don’t miss key elements that can be overlooked when security is approached on a piecemeal basis.
But this isn’t all. Success in developing an actionable cloud security framework comes from understanding how this framework applies to a particular customer’s situation. This is where Barracuda Networks can really help.
Chris Hill is regional vice president of Public Cloud at Barracuda Networks