The dynamic, automated and shared nature of public cloud computing makes it seem difficult to secure cloud environments with best practice procedures. However a strong security posture is possible with the right approach.
Cloud computing changes network security risks. For example, traditional data centre applications use a wide range of ports for increased security. These are rendered ineffective once the applications are moved to the cloud. Cybercriminals are increasingly creating sophisticated, port-agnostic attacks that use multiple vectors to compromise their target, hiding in plain sight and using common applications to target organisations.
We have identified the top three requirements for securing the cloud.
1. Be consistent
The same levels of application control, rogue and misconfigured application handling, and threat prevention are needed to protect both the cloud computing environment and the physical network.
In order to maintain a strong security posture, organisations must understand that applying appropriate security practices consistently across physical and virtualised form factors. Failing to do so can place important data and intellectual property at risk, and result in compliance issues.
2. Apply zero trust principles
For decades, information security best practices have dictated that mission-critical applications and data be separated into secure segments on the network. This is relatively straightforward to implement in a physical network within an enterprise data centre using firewalls and VLANs managed by policies based on application and user identity.
In a cloud computing environment, direct communication between virtual machines within a server occurs constantly, in some cases across varied levels of trust. This makes segmentation difficult, especially as cloud applications are based on the notion of shared resources.
Organisations can mix application workload trust levels on the same compute resource. This can help to control traffic between workloads and prevent threats moving laterally.
3. Manage security centrally
As organisations balance their physical and virtual IT investments, it’s important their chosen security solution is capable of spanning both environments. For best results, this should be implemented via a centralised interface, with consistent policy management and an enforcement framework that provides enterprise grade security for all operations.
We must assume that not all cyberattacks can be stopped. However, cybersecurity prevention is possible to the point where the number of successful cyberattacks is reduced, making it manageable from a risk perspective.
Sean Duca, Vice President & Regional Chief Security Officer – Asia Pacific, Palo Alto Networks