This post is the second in a series of eight on the five pillars to actionable cloud security. For the rest of the series, visit the Five Pillars blog page here.
The cloud is transformational – but the cloud is different. Companies migrating to the cloud quickly – and sometimes painfully – learn that translating their on-premises security framework to the cloud is more difficult than they presumed. Not all on-premises solutions will work the same if at all in the cloud, cloud infrastructures themselves contain numerous security services that need to be incorporated, and the very mechanisms behind operating securely in the cloud are different than traditional on-premises solutions.
Companies who have been successful in designing and deploying an actionable cloud security framework focus on five pillars, each of which is addressed in sequence as those customers migrate to and operate within a cloud ecosystem.
Five Pillars for Actionable Azure Security
Every vendor – as well as most consultants and most standards organization – have detailed their particular Cloud Security Framework. All of these are valid, but most constructed in a kind of vacuum. They either focus solely on that vendor’s products or look at security in the same siloed approach that has hamstrung companies from the beginning when they turn to the cloud.'Actionable Cloud Security is a cycle... Organizations who follow this methodology will create a framework that supports their cloud strategies, and increases their security in the cloud.' ~@rkturner1Click To Tweet
Actionable Cloud Security is a cycle. It is sequential, it is proscriptive, and each pillar is ultimately dependent on those that precede it to make security truly actionable. NIST’s Cybersecurity Framework is a basis for many of the best practices embodied in actionable security, and taken to its next logical step it becomes a series of sequential pillars. Organizations who follow this methodology will create a framework that not only supports their cloud strategies, but actually increases their security in the cloud, and their ability to respond to how the cloud evolves.
These five pillars are:
- Identity and Access
- Detection Controls
- NetSec – Network Security
- Data Protection
- IR – Incident Response
Customers who achieve actionable cloud security approach leverage these pillars in a sequential manner – i.e., they ensure Identity and Access requirements are understood and resolved before moving onto Detection Controls, etc. By understanding security this way, organizations can ensure they don’t miss key elements that can be overlooked when security is approached on a piecemeal basis.
Success in developing an actionable cloud security framework comes from understanding how this framework applies to a particular customer’s situation. The purpose of this discussion is to help develop an understanding of these pillars and how to approach them, so organizations can avoid the pitfalls and risks of an ad-hoc approach to cloud security.
In this blog series, we will dive into depth on each of the pillars introduced above. The next post will explore Identity and Access management.Success in developing an actionable cloud security framework comes from understanding how this framework applies to a particular customer’s situation. Click To Tweet
Rich is the Director of Public Cloud Product Marketing at Barracuda. He joined the team as part of the acquisition of C2C Systems in 2014. Rich is one of Barracuda’s public cloud experts – he works directly with the cloud ecosystems and has been quoted in eBooks from Microsoft on public cloud security. He is also a frequent contributor to Barracuda’s own cloud blogs. For our cloud motions, he helps develop strategies and execution with our partners and sales teams.
You can email Rich at firstname.lastname@example.org.