AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Filter by Custom Post Type
Posts

Staying secure in the public cloud

by

How should enterprises go about managing and maintaining a strong security and compliance posture as they move business applications to public clouds?

This was the focus of the recent panel discussion with AlgoSec CTO, Prof. Avishai Wool and Scott Ward, AWS Principle Solutions Architect.

It’s an issue that many organizations are facing as public cloud usage has become ubiquitous, with 92% of organizations using public cloud services in 2018, up from 89% in 2017. The reasons for this ongoing adoption of public cloud are well understood: enterprises are taking advantage of its scalability, performance and cost benefits. But it also exposes them to new security and management challenges.

The panel discussion: Staying secure in the public cloud

The discussion began with an overview of the trends both Scott and Avishai have seen in how customers are embracing the cloud, and what kind of architectures they are using. Scott presented the AWS point of view – from workloads deployed in hybrid environments, to the architectural trend of companies leveraging containers and serverless computing through services like AWS Lambda. He observed that these trends indicate how businesses are increasingly focused on building and managing their code and applications, without having to be concerned about managing the infrastructure behind it: they’re leaving the uptime, availability and scalability to the cloud provider.

Avishai added his view on increasing adoption of hybrid environments, which he believes will be the norm for the coming years, as many organizations have significant investments in their on-premise datacentres. For these companies, a key focus is ensuring holistic visibility, seamless application connectivity and security management across their hybrid environment, to maximise availability and resilience.

Secure public cloud highlights

It was especially interesting to hear their discussion of the challenges that organizations face in securing their applications and data in these hybrid environments. Both agreed that while it’s far easier for application teams to spin up cloud resources and move applications to them, this makes it challenging for security teams to keep up with the pace of change, and risks opening security gaps. It’s also harder for IT and security teams to get visibility and control across their growing hybrid estates: put simply, having more moving parts makes it harder to manage everything.

To address these issues, both Avishai and Scott stated that security automation is essential if organizations are to maintain security and compliance across their hybrid environments. They discussed how automation helps to bridge the gap between security and application teams, to ensure that the organization can get the full benefit of cloud agility and scalability, without compromising its security posture.

The session concluded with Avishai and Scott giving their predictions of what we can expect in 2019 in terms of ongoing cloud adoption and security. Scott stated that AWS will continue to enhance and extend its security services, with new functions tailored to specific industry sectors and requirements being introduced.

Avishai predicted accelerations in cloud adoption even by traditionally conservative business sectors, such as financial and banking sectors. driven by the cloud’s scalability and increasingly rich functionality. He also believed that 2019 would see a step-change in cloud security, as enterprises realize that cloud visibility, management and security needs different tools and approaches to those they have traditionally used.

To get the full detail of how organizations can overcome the visibility and security management challenges in hybrid environments that use public cloud, watch the full panel session.

Subscribe to Blog

Receive notifications of new posts by email.