Climbing Past Cloud Security Complexity

Security is hard. Cloud security is even harder, but with the right strategy and methods it’s possible to design more secure systems. By Samuel Greengard

Reader ROI:

THE CLOUD makes security exponentially more complex, and the old rules and standard tools for securing the network don’t apply.

CLOUD PROVIDERS offer strong native security and tools, but integration with legacy IT systems introduces greater risk.

MSPs NEED TO RETHINK SECURITY as a framework woven into private, public, and hybrid clouds.

THEY ALSO NEED TO UTILIZE newer cloud tools, implement MFA technology, and have a BDR plan.

THE COMPLEXITY of cloud security serves as both a challenge and an opportunity for channel pros.

On one hand, the cloud introduces new and sometimes unfamiliar security requirements. Not only does it multiply connection points and overall exposure, it introduces more vendors and additional layers of complexity. Moreover, it’s no longer possible to rely solely on web application firewalls, data loss prevention, secure web gateways, and basic authentication tools. On the other hand, channel pros who guide clients through the maze and help them arrive at more secure IT frameworks can boost trust and, ultimately, achieve deeper relationships based on value.

While securing IT systems and locking down data has never been simple, it’s grown exponentially more complex in the era of cloud computing and widely dispersed systems. Today, data and information flow across devices, offices, and companies. “It’s a borderless world of data,” observes John Yeoh, global vice president of research at the Cloud Security Alliance (CSA).

It's safe to say that the old rules of security don’t apply in the cloud. MPLS networks with fixed providers have fallen by the wayside. Many on-premises tools and applications don’t work well in the cloud, where servers and containers are typically software-based. Names and IP addresses constantly change, and businesses frequently don’t have full control over containers, applications, and more.

“You’re often subscribing to someone else’s application, and there’s often a greater degree of abstraction because you don’t own the network or the virtual machines,” says Steve Riley, senior director of research at IT consulting firm Gartner. Given that lack of control, “it’s necessary to move away from the idea of a secure network of systems and enable a network of secure systems. This means hardening the host or container because that’s what a subscriber has control over,” Riley says.

In the cloud age, therefore, managed service and IT solution providers need to rethink the way they design cybersecurity solutions. “Cloud security requires a different mindset and a different framework—and it is evolving rapidly,” says Joe Vadakkan, global head of cloud security at cybersecurity integration firm Optiv. “It increasingly requires highly automated and scalable solutions.”