Managing your own cloud security? It defeats the object of the cloud

The frequency, sophistication and diversity of global threats continue to increase. So to take full advantage of everything the cloud gives you, you must enable relevant controls across a more complicated infrastructure.

But the flexibility of the cloud and its use of integrated services make securing it different from securing on-premises applications, workloads, and data. You have to invest in different tools, implement different processes, and find and retain staff with cloud expertise. Even though you may be doing it today, you shouldn’t deploy a new cloud-based workload without a thoughtful security strategy in place.

Part of getting cloud innovation right is enabling security up front. If it’s done properly, you can use the benefits of security solutions built for cloud to your advantage—as opposed to using legacy on-premises security solutions that will slow down your cloud deployments, and may leave your data and applications exposed. The speed of cloud innovation requires a security solution designed to work in the cloud to lower costs, speed up deployment and reduce risks. 

That’s the new economics of cloud security. 

The challenges of legacy security tooling

Until now, organizations that have addressed security have taken the conventional approach: buy and deploy third-party security software and find and retain the security staff to make sure that it is working around the clock. This is for the few companies that can afford it—since the cost to build out a minimally viable, fully functioning 24/7 security operations center can run into millions per year.

To effectively protect cloud-based workloads with the legacy approach, you would have to do the following:

  • Purchase, deploy, integrate, tune and manage a variety of security products that are capable of detecting and protecting your cloud-based workloads and web applications—all across a variety of attack vectors targeting your web- and server-based applications and their data
  • Reconfigure your cloud infrastructure to conform to the requirements of on-premises security tools
  • Hire and build out a threat intelligence team that is capable of understanding the threat landscape, attack patterns and evolving toolkits used—the team needs to determine when and how exposures and events should be addressed
  • Hire enough experts to staff a security operations center 24/7 to monitor your environment, filter through the thousands of events your tools are generating, and prioritize vulnerabilities to fix and identify attacks before they damage your business

Not a pretty picture: even if you do all of the above, you’ll still very likely fall short of your goal.

The challenge of managing security in-house

It’s inevitable. In-house security teams end up struggling with a wall of noise: a glut of logs overflowing with discrete security “events” that reveal attackers attempting to penetrate systems, leaving precious little time to deal with actual security incidents.

Typical security teams are inundated with thousands of these alerts on a daily basis. Many of them are false positives: they look like threats, but they’re really not. Meanwhile, other events that are legitimate get lost in the noise. Sophisticated attacks use methods, including SQL injection and cross-site scripting, that appear to be legitimate transactions but are in fact malicious in nature. These attack methods can require petabytes of security data to be analysed, since no signature or rule-based detection method alone can identify these customized attack patterns.

Why go down this path just to build another problem for yourself? Moreover, why stick yourself with a security infrastructure that undermines all the great reasons why you went to the cloud in the first place?