Barracuda

Security, Access and Reliability for Cloud-Connected Networks and Applications

Rich Turner

Managing an actionable cloud security framework

by

This post is the final post in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

“And one to bind them…”  J.R.R. Tolkien

Earlier, we described an Actionable Cloud Security Framework as a loop, that feedback from one pillar feeds into the next, and the framework is continually being tuned and managed to comply with the best practices that were established as part of each pillar to keep the framework secure and compliant.  In an era of heightened security risks and concerns, compliance is taking on new meanings, not simply as complying with specific mandated written policies, but with infrastructures that maintain data and security policies that support the mandates to which those organizations are trying to comply.

Rich Turner wraps up his series on 5 pillars to a well-architected Azure security framework in this blog post on actionable security tools. Click To Tweet

To that end, a class of products is emerging, as services that monitor and manage organizations’ security postures.  Some of these products are as basic as “benchmark checkers” that will evaluate an organization’s cloud security policies against industry standards such as CIS.  Others aggregate the control planes used in the various pillars into single “pane-of-glass” management tools.  Azure Security Center and Azure Graph are examples of such products in Azure.

[Read more…] about Managing an actionable cloud security framework

The fifth pillar to actionable cloud security – Incident Response (IR)

by

This post is the seventh in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

For a number of organizations, Incident Response (IR) is the first symptom of a non-actionable cloud security framework.  Often, incidents aren’t even identified until well after they have occurred, and damage has been done.  In those cases, response quickly escalates to remediation, and there are numerous cautionary tales of companies being irreparably harmed by large and undetected breaches and incidents.

For many organizations, incident response (IR) is 1st symptom of non-actionable cloud security framework. Within an actionable IR Framework, incidents are security or compliance failures that can be found and resolved before damage is done. Click To Tweet

[Read more…] about The fifth pillar to actionable cloud security – Incident Response (IR)

The fourth pillar to actionable cloud security – Data Protection

by

This post is the sixth in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

That data moves into and through the cloud might seem obvious, but it raises new security requirements.  The very notions of data-in-motion and data-at-rest become blurred.  As an example, data protection for a network is often equated to backup, but this is overly simplistic.  Data backup is a snapshot in time of selected, any, or all data in a cloud infrastructure.  This is data at rest, and as such, it is only accurate at the point of the backup.  When backups are deployed to rectify a compromise, i.e., a data restore, significant time may have elapsed between the date of the most recent backup and the data restoration is initiated.  All the data between those two times is essentially unprotected.

Data protection for a network is often equated to backup, but this is overly simplistic.  A backup is a snapshot in time and is only accurate at the point of the backup. Click To Tweet

[Read more…] about The fourth pillar to actionable cloud security – Data Protection

The third pillar to actionable cloud security – Network Security (NetSec)

by

This post is the fifth in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here

Many organizations make the mistake of beginning their cloud security framework discussions around NetSec, as this was traditionally how they secured on-premises infrastructure, since all elements of the network were in-house and under direct IT control.  Companies erroneously assume that because they are leveraging a cloud infrastructure, either they will be less secure than when they “owned” all those resources, or that they can simply mirror their on-premises network security controls in the cloud.

Companies err in assuming that a public cloud infrastructure will either be less secure than the on-premises version, or that they can simply mirror their on-premises security controls in the cloud. ~ @rkturner1 Click To Tweet

Again, the cloud is different.  The Shared Security model under which all cloud ecosystems operate inherently guarantees security of the network – but can’t guarantee the security of the companies who are accessing it.  Or put another way, organizations using the cloud need to put security measures in place that will ensure they are not the source of threats and compromises.

[Read more…] about The third pillar to actionable cloud security – Network Security (NetSec)

The second pillar to actionable cloud security – Detection Controls

by

This post is the fourth in a series of eight on five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

This next step or pillar relies on first being able to determine who is allowed access and to what – and then detecting anomalies.  Typically, Detection Controls focus on intrusion, more commonly known as Intrusion Detection Systems (IDS).  These are automated, and are designed to monitor and analyze network traffic, and to generate an alert in response to activity that either matches known malicious patterns or is anomalous.  Some IDS controls go further:  they will trigger automated processes that can include recording suspicious activity or scanning the computers involved to try to find signs of compromise. 

An IDS differs from a firewall in that the IDS looks for intrusions that 1) have already occurred 2) are currently underway, or 3) originate from within the network. ~ @rkturner1Click To Tweet

[Read more…] about The second pillar to actionable cloud security – Detection Controls

Planning another great year with Microsoft at Ready Winter 2019

by

Barracuda is looking forward to being a part of Microsoft Ready in Seattle this week. If you’re a Microsoft internal team member attending this kickoff event, we look forward to connecting and celebrating with you in the shared area (Booth #213) in the Ready Zone or at the happy hour we’re hosting on Tuesday.

Over the years, Barracuda and Microsoft have shared a rewarding partnership, and we look forward to continuing to work together to find new ways to provide security solutions to Microsoft Azure customers and ensure we ware tightly integrated.

Barracuda looks forward to continuing to work together with Microsoft to find new ways to provide security solutions to Microsoft Azure customers and ensure they are tightly integratedClick To Tweet

[Read more…] about Planning another great year with Microsoft at Ready Winter 2019

The first pillar to actionable cloud security – Identity and Access

by

This is the third post in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

Since the cloud isn’t an on-premises solution, securing access is a natural starting point.  Traditionally, customers look at identity management and access management from the standpoint of users.  Users, which can be further categorized into groups, will also have associated roles, and permissions associated with these roles.

Even within similar organizations – example, a company may have multiple groups within a larger development organization, with different permissions associated both to the roles those users have and the groups to which they belong.   It is not necessarily a linear relationship.

'As organizations look to leverage cloud services for transformation, they must be sure to understand those services in terms of how they are accessed and managed.' ~@rkturner1Click To Tweet

[Read more…] about The first pillar to actionable cloud security – Identity and Access

Five Pillars to a well-architected Azure security framework

by

This post is the second in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

The cloud is transformational – but the cloud is different.  Companies migrating to the cloud quickly – and sometimes painfully – learn that translating their on-premises security framework to the cloud is more difficult than they presumed.  Not all on-premises solutions will work the same if at all in the cloud, cloud infrastructures themselves contain numerous security services that need to be incorporated, and the very mechanisms behind operating securely in the cloud are different than traditional on-premises solutions.

[Read more…] about Five Pillars to a well-architected Azure security framework

Protection at the data plane

by

This post is the first in a series of eight on the five pillars to actionable cloud security.  For the rest of the series, visit the Five Pillars blog page here.

“The number of records breached due to misconfigured cloud servers, in particular, shot up by 424 percent compared to the previous year,” IBM concluded in its X-Force Threat Intelligence Index 2018.  It’s a sobering statistic – but not one which surprises us.

As one of Microsoft’s top security providers, we’ve protected a lot of Azure workloads.  As an AWS supplier with two security competencies, we’ve protected a lot of AWS workloads.  So as they say in those catchy insurance commercials, we know a thing or two because we’ve seen a thing or two.

[Read more…] about Protection at the data plane

Azure Networking Update: New features, deeper Barracuda partnership

by

Yousef Khalidi, Microsoft CVP, Azure Networking, penned a blog post on Monday announcing a wide range of new features for Microsoft Azure including  100 Gbps (fastest connectivity in public cloud), availability of branch connectivity, new cloud-native security capabilities, and application performance services. Many of these new features will be discussed during Microsoft Ignite 2018, and more information can be found in the Azure Networking booth at Ignite (Booth AIC288).

Barracuda has worked closely with @Microsoft over the past several years to ensure our that our public cloud solutions are the perfect fit for @Azure' ~Rich TurnerClick To Tweet

These new features are part of the Azure mission, per Yousef, to “provide comprehensive networking services that are easy to deploy, manage, scale, and monitor. Customers continue to ask for better ways to connect to the cloud, better protection of their cloud workloads, optimal application performance delivery, and more comprehensive monitoring services.”

[Read more…] about Azure Networking Update: New features, deeper Barracuda partnership