As more infrastructure is moved to the cloud, there are many opportunities to reconsider your security stance and relationships to build ever stronger and more secure IT solutions whilst reducing your security costs. In this post, I’m looking to explore some ways that you can build out your alliances to be better prepared and battle-worthy on the digital security war front.
For a long time, the main players in securing your network have been your own security team and your security product vendors. But with services getting split across disparate providers and key infrastructure features ending up hosted across the world, there is a real need to consider how to expand the range of security specialists outside of these domains.
Consider, for example, leveraging your Platform as a Service (PaaS) platform provider’s expertise. Using PaaS will allow you to “outsource” your operating system hardening and security maintenance. I’ve spoken in the past about the differences between IaaS and PaaS, but with the rise of working from home in the past year and a shortage of skilled security specialists (and those that do exist are often overburdened with an increased workload managing new work-from-home security concerns), the benefits of a PaaS provider expertise start to become all the more important.
By picking PaaS options, (Indeed, SaaS options gain many of these benefits, too.) you can safely overload a lot of the burden for securing your cloud services since a lot of the underlying infrastructure is secured and managed by your cloud provider. This doesn’t mean you get a free pass on not assessing the security of the implementations, but it can significantly reduce the workload whilst reducing the risk of costly downtime as cloud providers manage aspects of your configuration.
Standards Bodies and Community Organizations
Moving to the cloud does not excuse you from the basics of good security hygiene – and applying security frameworks like CIS just as you would’ve done for your on-premise infrastructure can help ensure you maintain a core set of controls and avoid potentially dangerous mistakes, all the while reducing some of the pressure felt from having to evaluate the security of your new cloud toolset from the ground up.
And whilst security researchers must always balance the desire to share important security warnings against the need to reduce the risk associated with releasing vulnerability information, an increasingly large amount of security development is being created in the open with significant open source projects (Taxii and the MITRE ATT&CK framework are notable additions in recent years). This means there are increasing amounts of data sources you can tap into online to improve your security.
When it comes to your security applications and services, this is also an opportunity to consider your vendor partnerships in a new light. Beyond just making sure that your security vendors have solutions that give you insight into both your local and cloud infrastructure, there are more chances to collaborate on security intelligence.
It is increasingly beneficial to review what your security providers can do with the scale and functionality of cloud infrastructure. The last few years of AI and mass data work wouldn’t be anywhere near as practical with traditional on-premise-only solutions, so it’s great to see that many vendors are engaging with this to offer innovative solutions. Many of these schemes, however, are only as good as the data they get from their end users – your security tools – so it’s worth exploring what cloud security tooling you are comfortable with in order to get the benefits of a large scale security platform. With careful consideration, it’s entirely possible to further enrich your security data with the help of these vendors, ultimately allowing for products to become more effective whilst reducing the risk of false positives.
As your infrastructure spans more cloud providers and solutions become more complicated, it becomes increasingly more important to ensure your own team has the expertise to lean on. Whether you are embarking upon a big migration or adding a new line of business application, there are skilled specialists who know how to make these work in the cloud. However, make sure that your partners here include security specialists and that considerations for your plans include detailed security assessments.
For your own team, there’s also potential learning opportunities for them to get skilled up. This year has meant plenty of these learning resources have moved to being online and always available so that interested security analysts can become AWS-Certified or Microsoft Azure security specialists.
The Winning Team
A move to the cloud is the perfect opportunity to assess who can help you build out a roadmap to a better hybrid IT environment with cloud, on-premise and remote workers all operating with the peace of mind that your partners in the world of security are working tirelessly in the background to ensure their work is safe and rarely interrupted.