Cloud Security - after the turbulence.

Updated: Feb 12

Empowering, Transformation & Trust.


Cloud enables innovation and empowers transformation. Whether born in the cloud or moving to the cloud, it is more than a technology and for any modern organisation, it’s a business enabler to be more agile, more competitive and to be a leader.


The world is heading towards a more digitized future, and it has passed through an unprecedented turbulence caused by covid-19 pandemic. This has really affected the operations of many industries in a way that was unforeseen 2 years ago. Cloud Security must be part of every cloud journey across every working environment. As cloud enables business, cyber security enables cloud.


One aspect of new-normal has had employees working remotely for their organizations. The world had not considered planning for cloud systems and data protection. Cyber security ensures organizations use solutions in IT security that are enables controls, policies and technologies that protect the data in the cloud and applications hosted in the cloud from threats that occur from this new-normal. The threats include viruses, phishing attacks, ransomware, and denial of service, malware and unauthorized access to data and applications.


However, as the industries find ways to navigate through the winds of change in a digitized world the experience has been that of headwinds, crosswinds and tailwinds in their journey for market growth causing more industries to gain more strength for recoveries and accelerations. These aspects can be categorized as follows;


Head winds - What we faced during pandemic.

  • Pandemic management issues.

  • Supply chain bottlenecks.

  • Digital Skills Disparity.

Cross winds - the after effects during pandemic.

  • Inflationary Pressure.

  • Sustainability expectations.

  • Tech Regulation (AI Ethics/Digital Sovereignty).

  • Cyber security threats.


Tail Winds - The good and the bad of the turbulence.

  • Enterprise digital innovation.

  • Digital consumer demand.

  • Government stimulus packages - with suceesses and failures thereof.



Research shows that Cloud infrastructure and service is forecasted as next gen technology and IaaS is here to stay. The growth in the digital future has been accelerated by the Digital Innovation & Cloud platforms among other aspects. Despite the growth, there are road bumps that include:

  • Skills shortage.

  • Cultural and organizational maturity.

  • Digital Sovereignty.


SECURITY CONCERNS RELATED TO CLOUD

  • Data protection.

  • Identity & Access management.

  • Regulatory compliance concerns.

  • Governance.


WHAT CUSTOMERS WANT FROM CLOUD.

Key Attributes of a Strategic Cloud Provider

  • 33% value for money

  • 28% digital trust

  • 26% customer experience

  • 23% openness (least lock – in)

  • 16% digital sovereignty


RECOMMENDATION - DESIGNING TRUST FOR A WORLD OF CLOUDS

  • Cloud architectures are increasingly diverse and need to be secured.

  • Application migration strategies are diverse and create different challenges.

  • Cloud security needs to be addressed for cloud success.


SECURING REAL-WORLD IaaS

  • Most cloud services are run more securely than many enterprise data centers.

  • Start with good baseline in your data center.

  • Choose secure cloud providers

  • The change in transparency and visibility is an immediate impact of all cloud use.

  • Security controls and policies (and skills) need to be extended to include cloud services – and their embedded security functions.

  • Security products that run both locally and on IaaS increases both efficiency and effectiveness.


BEST PRACTICES IN SECURITY SENSITIVE SECTORS

  • Basic security Hygiene (visibility/CM/Patching/priv manage) extended to cloud

  • Security architecture for VMware/virtualized data centers

  • 3rd party trust processes updated (or created…) to deal with Saas

  • When Dev/Test tries IaaS, Security architecture adapted to cover hybrid cloud

  • Multifactor authentication! Start with admins, infiltrate from there.

  • MFA enables persistent data encryption

SECURE CLOUD USAGE SUCCESS PATTERNS

  • .Security architecture and processes for virtualized data centers (skills!)

  • .Address new threat vectors / exploit new control capabilities.

  • .When dev/test tries laas, security team participates and.

  • .Achieves visibility control parity with DIY/data center services.

  • . Extends architecture and products to enable future hybrid cloud.


At Ariel Technology, we work with corporate CIOs and managers to create enablers for business continuity which have carried many organisations through these unprecedented turbulences. We have alligned our efforts and passion to empower businesses, consumers and gorvenment agencies to protect all their digital assets from cyber threats. IT security is our passion, whether on premise or on-cloud. We partner with global OEMs like Kaspersky for Endpoint Security, Netskope for CASB and Fortinet for Forticloud and appliance deployments.


Kaspersky Endpoint Security for Cloud.


Kaspersky Endpoint Security Cloud takes care of protecting all your desktops and laptops, servers and mobile devices. It will help to protect Windows and Mac workstations, Windows file servers, iOS and Android smartphones and tablets by ensuring.


  • Value for money

  • Digital trust

  • Good customer experience

  • Digital sovereignty


Reference:

  1. https://youtu.be/qusBSsuxnx0

  2. https://africa.kaspersky.com/small-to-medium-business-security/cloud

145 views0 comments