Bryan Doerr is Chief Executive Officer for Observable Networks.
The many benefits of the cloud as a way to obtain data center services are well understood, including greater capital efficiency, productivity, agility, and scalability. Yet with so much to gain, why are there data center CIOs who still have not taken advantage of all that the cloud has to offer? The answer is security. There is still a common misconception that public cloud services carry a security risk that outweighs their benefits.
It’s hard to say why this misconception still exists. It may be that executives simply don’t fully understand all of the security attributes that come with public cloud services — especially AWS. Or, it could be an issue of control because IT leaders believe they can secure assets more effectively.
It is 2017, and there are still some data center CIOs who have not accepted the possibility that the public cloud can be more secure than most on-premise platforms and (especially) legacy infrastructures. There has been a change in the marketplace, and it confirms that the cloud has been a great catalyst for innovation. As a result, there are cloud service providers that have developed platforms with extensive abilities to monitor, detect, and identify potential threats, and there are third parties rapidly creating advanced security tools to leverage these platforms. After several years of improvement and innovation in cloud services and now broad market acceptance, CIOs need to take another look, especially where security concerns dominate their risk equation.
To make the above ideas more concrete, we need to consider two levels of security for cloud platforms: 1) the security of the platform as provided by its instrumentation and integration of configuration and event information, and 2) the ability of the platform to support the detection of threats that can only be found through the behavior changes that they induce.
Security of the Cloud Platform
Through scale, maturity, integration, and homogeneity, cloud service providers address the many information-security problems faced by CIOs. They have successfully overcome three challenges that conventional (on-premise) data centers face today:
- Visibility: Cloud platforms provide a detailed understanding of how users, applications, and IT resources are behaving. Users can easily see account usage, user behavior, infrastructure management, application/service activity, network activity, and more.
- Fully integrated identity and access management services: Cloud platforms manage credentials for all aspects of cloud interaction and declare which user identities exist and what privileges they can utilize.
- Comprehensive policy declaration and enforcement: Clouds export log services that enable both ad hoc and continuous auditing of your cloud’s resources and their internal configurations.
When combined, these capabilities provide a level of maturity in the cloud platform that many legacy data centers struggle to achieve, or achieve only at considerable expense and effort.
Defending Against Known and Unknown Threats
As users address these traditional challenges, they may still question how to best anticipate and defend against threats – known or unknown – on an ongoing basis in their cloud environment.
Of course, not all problems are known before they happen. New vulnerabilities, stolen credentials, and user misbehavior are all examples of issues that cannot be detected through configuration management and can lead to significant security problems. This points to the need for visibility into what your various resources are actually doing and what specific behaviors they’re exhibiting. As described above, this is possible in a cloud environment; yet once you turn it on, the volume of data from that level of transparency can turn into a fire hose. It then becomes difficult, if not impossible, to isolate one particular behavior and determine if it represents a potential security problem. However, this is where third-party innovation that leverages the cloud platform is starting to make a difference.
The Security Advantages of the Cloud – Endpoint Modeling
This is where endpoint modeling comes to the rescue. In the cloud, endpoint modeling creates and maintains a behavioral model through a real-time simulation of each of your cloud resources. It automatically discovers the role and behavior of each of your assets and then tracks that behavior continuously. Then, if one of these assets begins to act abnormally, or in a way that is unexpected, endpoint modeling generates a real-time alert. Security professionals can then quickly investigate to determine if this behavior represents a potential threat and if so, take the most effective action to remediate it.
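A minimal sketch of the endpoint-modeling idea described above, added here as an illustration and not taken from the article or from any vendor's product: it learns each resource's role and normal flows from a baseline window, then flags flows that deviate from that model. The flow records, the port-to-role mapping, and the 10x volume threshold are constructed assumptions.

```python
BASELINE = [  # constructed learning-window flows: (resource, direction, peer, port, bytes)
    ("web-1", "in", "203.0.113.10", 443, 12_000),
    ("web-1", "out", "10.0.2.5", 5432, 4_000),
    ("db-1", "in", "10.0.1.4", 5432, 4_000),
    ("db-1", "in", "10.0.1.4", 5432, 6_500),
]
LIVE = [  # constructed flows observed after the models are built
    ("web-1", "in", "192.0.2.44", 443, 11_000),    # new client: normal for a server
    ("db-1", "in", "10.0.1.4", 5432, 5_000),       # matches learned behavior
    ("db-1", "out", "203.0.113.99", 22, 900_000),  # database initiates a large SSH flow
]
ROLE_BY_PORT = {443: "web server", 5432: "database"}  # assumed port-to-role mapping
VOLUME_FACTOR = 10  # assumed threshold: alert above 10x the largest baseline flow

class EndpointModel:
    def __init__(self):
        # Ports served, (peer, port) pairs initiated, largest flow seen while learning.
        self.served, self.outbound, self.max_bytes = set(), set(), 0

    def learn(self, direction, peer, port, nbytes):
        if direction == "in":
            self.served.add(port)
        else:
            self.outbound.add((peer, port))
        self.max_bytes = max(self.max_bytes, nbytes)

    def role(self):
        names = sorted(ROLE_BY_PORT.get(p, f"port {p} service") for p in self.served)
        return ", ".join(names) or "client"

    def deviations(self, direction, peer, port, nbytes):
        checks = [
            (direction == "in" and port not in self.served, f"serving on new port {port}"),
            (direction == "out" and (peer, port) not in self.outbound, f"new outbound flow to {peer}:{port}"),
            (nbytes > VOLUME_FACTOR * self.max_bytes, f"{nbytes}-byte flow exceeds baseline"),
        ]
        return [message for hit, message in checks if hit]

def build_models(flows):
    models = {}
    for resource, direction, peer, port, nbytes in flows:
        models.setdefault(resource, EndpointModel()).learn(direction, peer, port, nbytes)
    return models

def monitor(models, flows):
    alerts = []
    for resource, direction, peer, port, nbytes in flows:
        model = models.get(resource, EndpointModel())  # unseen resource: empty baseline
        alerts += [(resource, model.role(), d) for d in model.deviations(direction, peer, port, nbytes)]
    return alerts
```

Calling `monitor(build_models(BASELINE), LIVE)` raises alerts only for `db-1`: a new client reaching the web server fits its learned role, while a database that starts initiating large outbound flows does not.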
Chances are good that the security measures provided in today’s public cloud environments already exceed what you have in place for your on-premise data center. Add endpoint modeling to the equation, and then you have what is probably a best-in-class ability to prevent and detect security vulnerabilities and threats. So if you’ve been delaying a decision by rationalizing that “the risks are too high,” it’s quite possible that you are taking a bigger risk in not migrating your data center to the cloud.
Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Penton.