Assimilation of Security Technologies into Cloud Platforms
Cloud is the future and organizations around the world are adopting cloud platforms for managing their IT resources. According to a recent Gartner report on the cloud computing trends in India, the enterprise IT spend on cloud computing increased to $71 Billion in 2016, a six percent increment from 2015i. The trend is slated to continue. The same Gartner report positioned cloud computing to constitute a major share of the IT investments this year. With an increased rate of adoption and especially post recent cyber-threats like WannaCry and Petya, organizations across the world have realized the importance of cloud security and are working towards safeguarding their cloud.
Cloud Platforms are taking action
Technologies such as storage compression and WAN optimization were first introduced as standalone products, but over time became features of the underlying storage and networking platforms. Cloud providers like Amazon Web Services(AWS) and Microsoft Azure are investing huge amounts on foundational security and governance capabilities toenhance platform visibility and for providing better and secure solutions.
This trend is increasingly becoming a necessity and they are being assimilated into cloud platforms as core offerings. This further strengthens the security portfolio of these platforms, securing them against common web vulnerabilities like command injection, HTTP request smuggling, remote file inclusion attack etc. Centralized management ofsecurity and cloud services ensures maximum level of control and governance of all the cloud resources, increasing their efficiency.
A few good examples of such integrations
- Web Application Firewall (WAF) with pre-configured OWASP MoD Security Core Rule Set, which was first introduced as an advanced protection product is now offered as a native service by AWS and Microsoft. A product focused on IP heavy areas, the centralized WAF provides protection against web attacks and simplifies security management and it can react to a security threat faster by patching a known vulnerability from a central location.
- DDoS mitigation, the tool used for resisting or mitigating the impact of distributed denial-of-service (DDoS) attacks. The DDoS tool will always monitor and automatically inline mitigations to keep the site running. By bundling DDoS mitigation into their product. Azure and AWS (AWS Shield) are further solidifying their presence as a multi-talented product for all the cloud needs in the present technology environment.
- Amazon Inspector, an automated security assessment service, is another good example for integrated services. It analyzes the behavior of AWS user resources to identify potential security vulnerabilities as well as deviations from best security practices to improve the overall security and compliance on AWS. It also serves as a host security service for Linux and Windows workloads (GA 2016).
The Road Ahead
An integrated cloud security platform with features such as AWS CloudTrail and VPC flow logs as well as control capabilities such as Identity and Access Management (IAM), is the way forward and enterprises can use it for resolving numerous issues with effective cost savings. But at the same time maintaining these platforms becomes necessary. By using a good end-to-end infrastructure management service that includes modules such as IT and product support, cloud management, information security and IT asset management including data centers, companies can boost performance and productivity without having to worry about IT platforms or their security.
October 8, 2018
September 27, 2018