20 January 2017
Blogs by author: Richard Baker, Cloud Security and Futures Architect, BT.
In our new blog series, we explore how to keep your organisation safe from the main security threats you face when using the cloud.
Cloud adoption is changing business.
The drive towards the mass adoption of cloud hosted services and applications is changing the relationships that IT and security departments are having with their business. Cloud capabilities can now be procured directly by a Business Manager within a line of business. CISOs have visibility of the network and datacentre, but remain blind to cloud activity and usage. This means they are no longer the final arbiter of what is deployed and used within an organisation.
In a recent presentation I attended, Andrew Dell of National Australia Bank, said: “What keeps me awake at night isn’t threat X, Y or Z, but becoming irrelevant.”
And a recent survey revealed that for 49% of IT leaders, security concerns were the leading barrier to moving all applications and infrastructure to the cloud. This was closely followed at 43% by the migration of legacy.
Our “Cloud of Clouds” strategy provides a key opportunity for us to outline a series of approaches as to how you might achieve this objective. As you move to the cloud, you move beyond your traditional perimeter. This exposes you to new threats that come from many more directions. And with the adoption of IoT, this is set to increase by another order or magnitude.
What organisations need to be secure in the cloud.
So, the situation is this:
- Organisations need cloud-centric collaboration for productivity, but don’t have visibility control over which cloud services are used, either by their own staff or in conjunction with partners.
- Organisations need to be able to migrate existing applications and services to the cloud and be able to both securely interconnect these applications and ensure that security policy is consistent across the new cloud perimeter.
- As applications are moved to the cloud, data needs to be protected in new ways to meet the growing requirements for compliance such as GDPR. These demand that personal data is kept secure and managed, to respect the users’ privacy.
- Cloud-based delivery of applications is often the requirement for agile development methodologies and operational models.
We’re working with a number of emerging technologies, and developing revised consulting and operational models, to meet such challenges. Technologies are evolving rapidly and the boundaries between them often blur, but they also offer opportunities for innovation.
A Cloud Access Security Broker (CASB) is one such technology that protects user access and content in SaaS services such as Office 365, Salesforce, ServiceNow and Dropbox. Although initially aimed at SaaS services, they are now also looking at how to protect IaaS applications such as those you’ve migrated from a legacy data centre. The analytics of these tools also provide the opportunity to evolve new services around secure collaboration between a client and its partners.
Keep an eye out for the first instalment.
Our new blog series, ‘Security-enabled business’, explores key security capabilities that organisations need to manage effectively in order to stay safe while capitalising on the cloud.
The series will focus on the risks of a hybrid-IT estate, consisting of public and private clouds (Infrastructure-as-a-service — IaaS, Software-as-a-service — SaaS, Platform-as-a-service — PaaS), along with internal data centres, and using both public (untrusted) and private (trusted) networks for connectivity.
In next week’s first instalment, Christopher Vieira and Jonathan Tate will discuss the importance of looking past your perimeter and into your network to spot potential threats and vulnerabilities.
Keep an eye out for our security-enabled business series, simply click on the security category to see all our security blogs.