5

iTWire - Don't take cloud security for granted

 3 years ago
source link: https://www.itwire.com/security/don-t-take-cloud-security-for-granted.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Monday, 14 December 2020 16:51

Don't take cloud security for granted

By Stephen Withers
Don't take cloud security for granted

"Cloud security does seem to be an issue," according to Trend Micro ANZ technical leader Mick McCluney. It's not that there are any inherent insecurities in cloud computing, but the pace of activity and the differences from conventional IT do cause issues.

Having silos of IT "doesn't work when you go to the cloud," he observed. Developers don't do everything securely, and the relative newness of concepts such as infrastructure as code and rap[id software development mean "the security aspects aren't well understood.

At the same time, IT security teams don't always have visibility of what developers are doing.

But cloud security is "not necessarily harder than normal security, just different," he said.

Compliance is important, and those involved need to understand risks and what's required in terms of reporting and auditability.

It's also important to understand the shared responsibility model. For example, a cloud provider will ensure the physical security of its data centres, but it's up to the clients to control access to their systems.

Getting that wrong comes at a cost. Even some telco-class organisations and companies that were born in the cloud have been known to make mistakes. One of the most common types of error is misconfigurations such as leaving an S3 bucket open to the world, said McCluney.

There are (at least) three ways of dealing with this. You can create your own security tools or adopt open source tools, but either way some degree of ongoing maintenance is required, and that's probably not part of your core business.

The other two approaches are to outsource cloud security, or to buy a suitable tool and use it yourself.

Either way, there is a cost. And can you trust a third party, and can they do everything you need, he asks. The answers aren't obvious, so some organisations turn to the big four consultancies for advice.

While cloud providers do offer plenty of advice, eg in the form of very detailed best-practice guides, tooling is required to put it into practice.

Trend Micro can provide that, with tools that embody hundreds of rules to check you are compliant.

Even then, some organisations will need help with implementation. McCluney suggests looking for a service provider that is certified by both the relevant cloud provider and the security tool vendor.

"Competent cloud partners tend to be competent cloud security partners," he observed.

McCluney suggested that Trend Micro Cloud One (which covers network inspection, IPS and more) can be an important part of securely combining cloud and on-premises capabilities, along with XDR ("like the security cameras at the airport") to combine telemetry from multiple sources in order to detect suspicious activity.

Combining the data gives " a joined-up story" in circumstances where any single event would be unremarkable, but their occurrence in a particular sequence indicates something is amiss.

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.

CLICK HERE!

WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.

MORE INFO HERE!


About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK