Tagged: Amazon Web Services
May 24, 2018 at 8:01 am #100034376
Security Intelligence: seeing through the cloud
Whenever data and applications are moved into the cloud, user access becomes an issue. Organizations must implement access controls for corporate resources both in the cloud and within the confines of the data center. The mass adoption of Cloud Computing in recent years has blurred the boundaries of the traditional network security perimeter. Implementing and managing secure and consistent access policies throughout distributed corporate resources requires security intelligence.
Security Intelligence Challenges
Cloud providers share hardware resources among tenants according to standards found in their Service Level Agreements. It’s the responsibility of providers to properly isolate computing, networking, and storage resources.
• Divided responsibility
Tenants are responsible for their assets. The precise division of responsibility will depend on the provider’s model, but ignorance is no excuse.
• Moving targets
The cloud is constantly growing, as are a particular company’s resources. Security policies have to anticipate and manage this constant change.
Successfully facing these challenges requires both an effective strategy and a high level of transparency into system-wide operations. For example, multi-tenancy must not lead to data breaches, but tightened security cannot interrupt data availability.
Confidentiality and data integrity cannot be compromised through dividing responsibilities inefficiently. Security policies should not be broken because of unannounced policy changes in the service deployment.
You’ll need security intelligence to keep on top of everything.
Secure access control to your data in the cloud
Access control is usually made up of two parts:
1. Authentication: positive identification of a user through a password or MFA. Additionally, you can limit access by user context, allowing only access requests that originate in appropriate locations or devices.
2. Authorization: establishing the resources a properly identified user may access.
The first step for security in the cloud is to know who is accessing what. The activities of everyone working inside your organization must be subject to significant scrutiny. And, of course, your team must be appropriately trained so they’ll know what’s expected of them.
Gaining better cloud visibility with security intelligence
Web-facing organizations are targets of more coordinated and targeted attacks against critical organizational assets – including customer databases, intellectual property, and even physical assets that are driven by information systems – than at any time in the past.
As more and more workloads move to cloud and virtual data centers, the need to track activities increases. Both effective audits and threat deterrence require security intelligence.
Security administrators typically worry about W’s: what happened, and when and where did it happen. For example, a security administrator might want to review all authentication attempts – both failed and successful – across an environment. Or he might need to know if there’s been a change to the rate of occurrence of a specific kind of event (such as the creation or deletion of virtual machines).
More specifically, cloud-based organizations are looking for better ways to:
• Protect and track user activities across their deployments.
• Meet audit and compliance needs for virtual resources.
• Obtain system-wide operational intelligence
You must be logged in to reply to this topic.