Where Were You Born?

Exciting news from AlgoSec this week: we announced our solution for unified security policy management across hybrid cloud infrastructure. This is a key component of our “managing security at the speed of business” vision and supports our mission to automate security policy management in evolving data centers and networks.

I want to share some of our thinking behind the need to manage network security policies across on-premise and public cloud environments – but before I start, I want you to ask yourself a simple question: Where you were born?

I don’t mean for you to go on a trip down memory lane to the house you grew up in (although it’s always an interesting one!). I mean where was your IT born? Unless you are a young internet startup the answer is almost certainly not “in the cloud”. The IT of nearly every established company was born on-premise, and while many are now venturing out to cloud IaaS, the on-premise data center isn’t going away any time soon. However, I have seen many companies out there with primarily on-premise data centers asking themselves “how should I secure the cloud?”

I think that this is fundamentally flawed question.

A better question is “how do we extend our existing security practices to the cloud and unify them with our on-premise IT? This is because generally speaking, the same challenges that exist on-premise need to be addressed on public IaaS –visibility, compliance, change management and risk analysis. (For a deeper analysis of network security challenges in the cloud, check out our recent research).

In a recent presentation Gartner stated that: “Through 2019, 80% of cloud breaches will be due to customer misconfiguration, mismanaged credentials or insider theft, not cloud provider vulnerabilities.” In other words, even when you are using someone else’s infrastructure in the public cloud you’ still control most of the processes that can prevent or mitigate breaches (or are the one to blame if they do happen.).

So back to our announcement. By working alongside our customers, we feel that AlgoSec is extremely well-positioned to address network security policy management across hybrid cloud environments. Like nearly all established organizations, AlgoSec was born on-premise and we have accumulated a decade of experience managing security policies in some of the most demanding organizations in the world. Who better to now extend this visibility and control to the public cloud, and all under one unified solution? A “cloud security” solution which was born in the cloud and is limited to cloud platforms, will fall short when addressing the needs of most organizations.

Not surprisingly we are focusing initially on Amazon Web Services (AWS) – by far the most widely used IaaS solution. So if you are currently on AWS or have concrete plans to move some of your business applications to AWS, we’d love to hear from you!