For reasons ranging from increased efficiency to cost savings, a large number of organizations both public and private are in the process of migrating critical business processes from traditional IT infrastructures to more complex, yet flexible architectures in the cloud.
Mainstream security strategies and controls were already struggling to keep up with the rapidly evolving threat landscape, and we are quickly learning that these traditional tools and tactics are mostly – if not completely – inadequate for the challenges we face in cloud computing environments.
The combined dynamics of rapidly-changing elastic infrastructure in the cloud and today’s accelerated threats creates a dangerous failure scenario for businesses hinging their security strategy on legacy technologies.
To put it bluntly, security technologies built for the datacenter have no place in the cloud. They are the technological equivalent of the amphibious car – they look and act out of place, don’t take full advantage of their environment, and are operated by specialists in less-than-elegant fashion.
The SANS Report
The State of Dynamic Data Center and Cloud Security in the Modern Enterprise (gated), authored by SANS analyst and network security specialist Dave Shackleford, found that 44% of respondents say their cloud providers don’t allow them the visibility they need to properly secure their cloud infrastructure.
Furthermore, nearly one-in-five (19%) said that their public cloud providers don’t offer access to the “tried-and-true security technologies” that enterprises have become accustomed to relying on.
It’s clear from the numbers that traditional security tools are not making the leap to the cloud along with the organizations who employ them.
SANS found that while 75% utilize identity and access management tools in their data centers, only 31% use them in their cloud deployments. Similarly, where 63% use a SIEM in traditional data centers, only 25% do in the cloud.
“This seeming reduction in use of security tools is a huge issue for many organizations today, given the fact that many public cloud providers don’t currently offer or support many security tools considered standard by most security teams,” Shackleford said.
This might lead some to infer that cloud providers are simply not supporting their customers’ existing security technologies as they transition to cloud infrastructures – but that’s not the key takeaway from these trends.
Assimilating New Tools
The truth of the matter is that cloud environments are fundamentally different from their static on-premise counterparts, and as such require an entirely new way of thinking about and administering security best practices – and this means that we need a new generation of solutions.
We can all agree now that the cloud – public, private, or hybrid – is the future of data centers for organizations large and small, and that means developing new security technologies that support this future.
Sure, service providers like AWS do offer some limited security tools – like AWS Web Application Firewall, Config Rules, and Inspector which were released at re:Invent in Las Vegas recently – but they are not designed to be as robust or effective as offerings by AWS Security Partners.
In fact, the general appearance of these new AWS offerings indicates a low-level support for base security implementations that really require more sophisticated technologies overlaid upon them to be useful.
“While some cloud providers do have security offerings available, they fall far short of the security stack used by most survey respondents… Tools and processes that can enhance visibility in cloud and datacenter environments should be a high priority for organizations,” Shackleford said.
Developing a New Mindset
Cloud users need to remember that a platform is not a product, but a constantly growing and evolving entity that will continue to change as the cloud ecosystem continues to evolve.
The focus for providers will undoubtedly remain on securing the cloud platform itself, leaving any individual’s cloud deployment largely their responsibility to keep secure – as is exemplified by the AWS Shared Security Model.
Customers must take control of their piece of this model and implement security automation, continuous monitoring, and a remediation program to protect their cloud interests during the entire business lifecycle.
It’s time to change your mindset, and understand there are a growing number of security solutions available that are tailored to the cloud, some of which are completely frictionless and offered as true SaaS offerings that can bring a wealth of visibility and control to your environment.
“It’s obvious that we need a new way of approaching enterprise security, especially in light of the dynamic nature of workloads used across in-house data centers and cloud provider environments,” Shackleford noted in the SANS report.
“Without the ability to implement security controls… organizations leave themselves vulnerable to continued security incidents.”
You Are Not Alone
The cloud requires an new way of administering security best practices, and this means that you need to seek out a new generation of solutions that are uniquely adapted for cloud infrastructure security.
So grab a cup of coffee, let go of your traditional datacenter security strategy, and embrace the fact that you aren’t alone in this fight – we can help.