Top Four Ways to Extend Enterprise Security to the Cloud

By TechZone360 Special Guest
Wei Lien Dang, Senior Product Manager, Bracket Computing.
May 12, 2015

Limitless scalability, unparalleled flexibility and speed are making cloud computing a viable option for enterprises. Whether IT departments like it or not, business units are increasingly moving data and workloads out of the data center and onto public cloud infrastructure.

However, while ‘shadow IT’ may seem like a great idea to users, a lack of control and inherent security issues present IT departments with a big problem – how to safely and securely move sensitive workloads to the cloud while avoiding the challenges caused by other tenants and malicious threats.

Don’t worry – there are ways to deal with this seemingly intractable challenge. Enterprises can take control over their security postures in the public cloud without huge performance and complexity trade-offs. Here are four ways to ensure your workloads are secure in the cloud.

1.Encrypt Everything

Think your data is secure because it’s in your data center? Think again. High-profile breaches at Target and others have shown that physical control over data doesn’t mean it is secure. The key is to encrypt everything…and we mean everything. Broaden encryption policies to ensure entire workloads are encrypted in the cloud so that all your data is completely opaque to underlying providers and other tenants. This includes encrypting all virtual machines or container instances as well as attached storage—root volumes, data volumes and server-based instance storage. Encrypting everything provides a new boundary that secures enterprise assets wherever they are.

2.Ensure Full Visibility through Authentication

Encryption creates opacity to the outside world, but the next step is to implement authentication for full visibility. Executed well, this powerful security measure allows you to identify, authorize, verify and track every user, every resource and every access request to any application or data. It is even possible to extend authentication beyond the user and ensure that workloads only launch after pre-boot authentication to prevent any backdoor, unauthorized access.

3.Extend Existing Policies and Maintain Full Control

IT security has spent years and millions of dollars investing in corporate security policies and systems to protect enterprise applications and data. Moving workloads to the public cloud should not mean they have to leave those policies behind or improvise a solution. Take back control by creating and enforcing security policies consistently across multiple cloud environments. Make sure you get audit trails and reports for user and system activity so you can detect, prevent and mitigate the impact of any security-related incidents. Insist on maintaining ownership of trust anchors – such as key appliances, directory services and certificate authorities. In this way you can apply your best practices – for example, regularly rotating keys and re-keying data on storage volumes. This ensures that security is rooted in trust anchors that are always under your absolute and authoritative control.

4.Make Security Consistent, Transparent and Operationally Simple

Image via Shutterstock

Having identified the key pieces of your cloud security infrastructure, one hurdle remains. Too many security approaches – whether agents or

appliances – add performance and complexity trade-offs to the mix. The final key to effective cloud security is to use solutions that integrate security into the infrastructure. Security needs to be transparent to applications and applied consistently across computing environments – whether workloads are run in the data center, in a private cloud or on public cloud infrastructure.

With everything that the cloud has to offer – limitless capacity, on-demand flexibility and speedy deployment – enterprises have to find a way to make it work for them. Encrypting all workloads, implementing authentication, maintaining ownership of security policies and ensuring security is transparent to applications gives enterprises the ability to confidently leverage the public cloud while still providing the visibility and control they need. Let’s get to work!

Wei Lien Dang, Senior Product Manager, Bracket Computing

Edited by Stefania Viscusi

Related Articles

The World is His Oyster: Connected Solutions Enable Daniel Ward to See Food

By: Paula Bernier    3/16/2018

Fresh seafood can taste great, but if it is not handled properly, people can get sick, and that can lead to business closures and lost revenues. That'…

Read More

How to Get Ready for GDPR if You've Waited Until the Last Minute

By: Special Guest    3/14/2018

With less than two months until the General Data Protection Regulations (GDPR) deadline, many companies have already started making sure that their bu…

Read More

How Fintech is Helping Create Global Businesses

By: Special Guest    3/14/2018

The growth of Fintech probably has not escaped your attention. Whether you're a customer making contactless payments or an investor weighing up CFD tr…

Read More

Are We Prepared for Automation?

By: Special Guest    3/13/2018

We are barreling toward a future of automation. A great proportion of the six million US manufacturing jobs that have disappeared over the last few de…

Read More

The Dark Web - A Hot Bed for Cybercrime

By: Special Guest    3/12/2018

There is a corner of the internet that is cloaked from every day users. Beneath the typical search engines and web browsers, an illegal marketplace is…

Read More