Posted in Articles on Thursday, August 30, 2018
by Richard Vester - Group Executive EOH Cloud Division
When it comes to the cloud, security is a moving target. Many companies jump into their cloud journeys with the expectation that security will be managed by the cloud provider. Others have delayed their cloud migrations because of security concerns. And yet others dive into their cloud journeys and only consider security as an afterthought.
You think you are secure. Are you really?
With the cloud’s distributed nature, it is easy to miss something important from a security perspective. Many organisations that have put all of the common security measures in place still find gaps through which they are vulnerable.
It is therefore important that any health check of the cloud environment includes a security check. This health check should show your security risk exposure through an audit of the environment which will indicate the current security posture and even potential mitigation actions. It should allow a business to set policies to monitor for network security, data security, and application security gaps.
There are a number of vital elements that must be included in any cloud environment to ensure it is secure. However, merely having those elements in place will not guarantee security. This is one of the reasons that Amazon Web Services (AWS) has included specific best practices in its well architected framework, ensuring that the different elements work together to guarantee a secure environment.
AWS provides a number of tools and features to provide the visibility you need to spot issues before they impact your business, allowing you to improve your security posture and reduce the risk profile of your environment. In addition, AWS provides APIs for you to integrate encryption and data protection with any of the services developed or deployed in an AWS environment.
APN Partners such as EOH can integrate these security tools with existing controls in on-premises environments, as well as enabling them within the AWS services. This allows for a comprehensive security architecture, and covers infrastructure security, access and control, logging and monitoring, configuration and vulnerability anaysis, data protection and cloud security.
Partnering for protection
As a cloud environment grows, so does the number of potential security concerns. Many companies find that their cloud growth is not managed, and their security suffers as a result.
AWS security is all about configuration. Much like flat pack furniture, all the components are there, but if you assemble it incorrectly, you end up with something that’s not quite right. While many companies manage their AWS environments on their own, having a partner keep an eye on their entire cloud environment benefits the entire ecosystem – especially security.
Most security missteps are easy to avoid with some careful forethought. Maintenance is key, too, as is assessing your infrastructure’s security regularly.
Each cloud-based platform is different, and it’s important for any engineering team to thoroughly understand what can go wrong. A partner with the in-depth knowledge of the platform can highlight focus areas, advise on best practices, and create an environment that is secure by design.
Contact us today for a free health check to test the security of your cloud environment.