IT and Business Insights for SMB Solution Providers

Climbing Past Cloud Security Complexity

Security is hard. Cloud security is even harder, but with the right strategy and methods it’s possible to design more secure systems. By Samuel Greengard
Reader ROI: 
THE CLOUD makes security exponentially more complex, and the old rules and standard tools for securing the network don’t apply.
CLOUD PROVIDERS offer strong native security and tools, but integration with legacy IT systems introduces greater risk.
MSPs NEED TO RETHINK SECURITY as a framework woven into private, public, and hybrid clouds.
THEY ALSO NEED TO UTILIZE newer cloud tools, implement MFA technology, and have a BDR plan.

THE COMPLEXITY of cloud security serves as both a challenge and an opportunity for channel pros.

On one hand, the cloud introduces new and sometimes unfamiliar security requirements. Not only does it multiply connection points and overall exposure, it introduces more vendors and additional layers of complexity. Moreover, it’s no longer possible to rely solely on web application firewalls, data loss prevention, secure web gateways, and basic authentication tools. On the other hand, channel pros who guide clients through the maze and help them arrive at more secure IT frameworks can boost trust and, ultimately, achieve deeper relationships based on value.

While securing IT systems and locking down data has never been simple, it’s grown exponentially more complex in the era of cloud computing and widely dispersed systems. Today, data and information flow across devices, offices, and companies. “It’s a borderless world of data,” observes John Yeoh, global vice president of research at the Cloud Security Alliance (CSA).

It's safe to say that the old rules of security don’t apply in the cloud. MPLS networks with fixed providers have fallen by the wayside. Many on-premises tools and applications don’t work well in the cloud, where servers and containers are typically software-based. Names and IP addresses constantly change, and businesses frequently don’t have full control over containers, applications, and more.

Steve Riley

“You’re often subscribing to someone else’s application, and there’s often a greater degree of abstraction because you don’t own the network or the virtual machines,” says Steve Riley, senior director of research at IT consulting firm Gartner. Given that lack of control, “it’s necessary to move away from the idea of a secure network of systems and enable a network of secure systems. This means hardening the host or container because that’s what a subscriber has control over,” Riley says.

In the cloud age, therefore, managed service and IT solution providers need to rethink the way they design cybersecurity solutions. “Cloud security requires a different mindset and a different framework—and it is evolving rapidly,” says Joe Vadakkan, global head of cloud security at cybersecurity integration firm Optiv. “It increasingly requires highly automated and scalable solutions.”

Pages

Images

Tags: 
Cloud Security Alliance
Gartner
AlgoSec
AWS
Microsoft
Google
Rackspace
Oracle
Principal Logic
cloud access security broker
Encryption
Multifactor Authenticatio
cloud security posture management

About the Author

Samuel Greengard's picture
Samuel Greengard

Samuel Greengard, a business and technology writer in West Linn, Ore., is the author of The Internet of Things (MIT Press, 2015) and Virtual Reality (MIT Press, 2019).

 

Related News

CaaB is Readying Blue Ribbons for Two More U.S. Data Centers
March 14th, 2022
Trend Micro Centralizes Intrusion Prevention and Container Security for Amazon Web Services
July 25th, 2022
Sophos Integrates MDR Service with Third-Party Security Solutions
October 18th, 2022
Augmentt Finalizing Real-Time SaaS Security Alerting
August 2nd, 2022
D&H Distributing Hosts THREAD Event in Midatlantic
June 22nd, 2022

Related Features

The Rise of Vertical Industry Clouds
May 17th, 2022
How MSPs Can Thrive Despite Hyperscalers’ Ongoing Consolidation
June 30th, 2022
ICYMI: Our Channel News Roundup for the Week of January 31st
February 4th, 2022
ICYMI: Our Channel News Roundup for the Week of February 14th
February 18th, 2022
ICYMI: Our Channel News Roundup for the Week of September 12th
September 16th, 2022
ChannelPro SMB Magazine
SUBSCRIBE FREE!

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.