Key investment priorities to secure your evolving cloud environment
How to reshape your security investments after a rapid move to the cloud has changed your business.
Is Coronavirus the biggest ever cloud adoption accelerator?
Judging by the number of businesses that have accelerated their migration plans to cope with the pandemic, I think so. Recently, it’s not been unusual to see customers executing cloud migration projects in just three weeks, rather than a more typical 18 months.
Has cloud adoption left your business vulnerable?
I’m talking to lots of customers who’ve had to make rapid shifts to the cloud without the time to fully consider the security implications. When the pandemic hit, the pressure was on to get the job done as quickly as possible, and this involved lots of workarounds and compromises. They didn’t have time to do impact assessments and sometimes even had to relax or even remove security controls to address capacity constraints brought on by the break-neck shift to remote working.
Businesses that would normally only allow access to a cloud service via a company laptop suddenly had to allow access via personal devices, because all the company hardware was stuck in the office. And businesses that only wanted employees to access the corporate network through a VPN had to allow access via the cloud because they just didn’t have enough VPN capacity.
Now though, the initial move is complete. It’s time to take a breath and make sure they’re shaping their security to fit their new IT architecture, plugging any vulnerabilities created accidentally. Do they have the right security controls, policies and cybersecurity architectures that they need?
Where to focus your security investments as you shape your organisation
When talking to customers, I recommend they start by establishing where their physical assets and corporate data are located. Then it’s sensible to review any policy changes made to firewalls before assessing the specific threats their business faces. No one has the budget to invest in security for the sake of it, so it’s important to be able to identify and prioritise the most vulnerable areas. Businesses can do this by using threat intelligence information that looks at what might affect vertical markets and specific geographical regions. By combining this insight with an assessment of their security architecture, organisations can pinpoint where to invest and make a case to the finance team.
I recommend focusing investment in the following areas of security:
- Identity management and governance
Moving to the cloud makes the perimeter of the company less important as a control point and makes managing identities more critical. In a cloud environment it’s essential that employees can only access the applications and data they have permissions for, and that these permissions are revoked when people leave the business. Check your business has multifactor authentication and the right identity policies and governance in place.
- Data security
You should take another look at the shared responsibility model that most cloud services providers use when it comes to security. Whilst the hyperscalers will ensure the integrity of their infrastructure, the responsibility for data security lies with the business storing and processing the data. I recommend that all businesses use a cloud access security broker to monitor access to the data they have sitting in the cloud. It’s ideal for monitoring corporate information to assess its security and who is accessing it, as well as checking whether employees are using cloud services they shouldn’t be using.
- Endpoint security
In a cloud environment, much more corporate information exists in the hyperscaler’s cloud or at the endpoint device, not inside the corporate network. Cybercriminals know this and have focussed their attacks on the recently increased remote workforce. You need to make sure that you have robust endpoint security that not only protects against known attacks but also includes detection and response capabilities to address new threats.
- Threat management
Now businesses have made the shift from keeping data within a rock-solid corporate perimeter to a highly distributed architecture, having visibility over their assets is even more important. Threat Management services, the best of which combine security expertise, context-aware threat intelligence and tools to monitor (or even hunt for) and manage critical incidents can oversee your infrastructure and traffic to identify and deal with any suspicious activity that could indicate a cyber-attack.
A security-led investment strategy
What’s really struck me is how the pandemic has changed the focus of cloud strategies. I’m finding that investment decisions are becoming security-led rather than IT-led. Cost has been less of a factor in the short term, although I suspect, given the current economic climate, that there will be renewed focus to make sure that any long-term investment is as cost efficient as possible. In fact, as companies realise the economic benefits of outsourcing to managed cloud providers, I think they’ll also consider outsourcing more of the day to day management of their wider security solutions to managed security service providers.
If you’d like to find out more about how to shape your cloud strategy, listen to our webinar or get in touch.