Moving your communications platform to the cloud can solve a number of cybersecurity issues. You don’t have to worry about countering the latest malware or missing an important security patch because cloud providers typically have extensive resources and experience in protecting your data and applications.
But as an Avaya IT professional, you still need to secure your endpoints, servers, network and broadband connections that send data from your users to the cloud and back again. That includes being able to verify those connections, authenticate users, block suspicious traffic, and be alerted to unexpected network behavior. Of course, you also need to understand the processes used to manage the security and compliance risks of your cloud provider.
When looking at a cloud solution, a private or hybrid platform will typically offer a higher level of security than a public cloud. That can be an essential feature if you need to secure confidential personal financial information, patient medical records or the trade secrets from your own organization. These are the “crown jewels” sought by cyber criminals around the world.
A recent Gartner report, “Top Actions From Gartner Hype Cycle for Cloud Security 2020,” noted that the threat landscape has changed in the past year along with the global remote working trend.
“Cloud computing has proven battle-ready,” said Steve Riley, senior director analyst, Gartner. “During COVID-19, cloud demonstrated it can support unplanned and unexpected needs. Organizations may no longer question its utility, but security remains a commonly cited reason for avoiding it. In reality, the public cloud can be made secure enough for most uses. You can stop worrying about whether you can trust your cloud provider.”
Cloud security technologies
Here are some of the technologies Gartner has highlighted when exploring cloud security solutions:
• Secure access service edge (SASE), an approach that supports secure branch office and remote worker access. SASE’s cloud-delivered set of services, including zero trust network access and software-defined WAN, is driving rapid adoption. Gartner predicts that by 2024, at least 40 percent of enterprises will have explicit strategies to adopt SASE, up from less than 1 percent at the end of 2018.
“COVID-19 has highlighted the need for business continuity plans that include flexible, anywhere, anytime, secure remote access at scale, even from untrusted devices,” said the report. “SASE enables security teams to deliver secure networking and security services in a consistent way, to support digital business transformation and workforce mobility.”
• Cloud security posture management (CSPM). It is becoming increasingly complex and time-consuming to determine if public cloud applications and services are configured securely. Even simple misconfiguration issues represent significant risk, as evidenced by several recent public data disclosures.
For enterprises that have a multicloud strategy, CSPM assures business and security leaders that their services are implemented in a secure and compliant way across multiple cloud infrastructure as a service (IaaS) providers, said the report. “First, investigate your cloud provider’s own risk posture assessment capabilities to see if they will satisfy the requirement, even if they fall short of commercial offerings,” Riley said. “Also check if any products you already have include CSPM capabilities.”
• Cloud access security brokers (CASBs). These tools are designed to protect data stored in someone else’s systems. They enable organizations to achieve consistent security policies and governance across many cloud services and demonstrate that cloud use is well-governed.
“This high-benefit technology has entered the mainstream and the number of vendors has stabilized,” said Riley. “Given continued feature expansion and relative ease of switching, we recommend seeking one-year contract terms over lengthier ones.”
• Confidential computing. This is a security mechanism that protects code and data from the host system. By making critical information invisible to third parties, including the host, it potentially removes the remaining barrier to cloud adoption for highly regulated businesses in the financial services, insurance and healthcare sectors.
For example, a retailer and a bank could cross-check customer transaction data for potential fraud without giving the other party access to the original data. While confidential computing is highly useful in theory, Gartner anticipates a five- to 10-year wait before this security technology is in regular use.
Clearly, cloud security solutions will continue to evolve, and IT professionals need to discuss a provider’s future plans as well as current technologies.