There is no shortage of news on public cloud adoption trends in our industry, but what isn’t regularly making the headlines is the trend towards multi-cloud adoption. Industry experts and analysts like Gartner recommend standardization on multiple IaaS cloud service providers as a security and availability best practice.
Their recommendation for securing workloads in public clouds is a hierarchical list that starts with foundational items that fall under operations hygiene (access control, configuration, change management) and then moves on to core workload protection such as vulnerability management, log management, network segmentation and whitelisting.
It is also recommended that organizations do not place too much trust in traditional endpoint protection platforms commonly used in physical/on-premise deployments.
So the general best practice recommendations focus on workload security, but what does that mean for security operations professionals who have a solid understanding of what success looks like in traditional enterprise environments? What do they secure first? What security technology should they choose? As a start, the answers to these questions should be guided by the “shared responsibility models” of the cloud service provider as well as by common compliance mandates.
Once they are understood, it is time to identify the most critical assets (as part of a workload) that require the highest level of protection.
Equally important and often overlooked is the security of access control at the application layer (think databases or other data-driven controls). Every CSP is different and sometimes these models overlap or conflict with existing best practices and corporate security mandates.
Keep calm, the experts advise
All of this can be incredibly overwhelming for enterprise professionals, and it takes more than simply installing software to accomplish an effective security model. First and foremost, businesses should never be afraid to ask for help and seek the aid of security professionals who are subject matter experts and can work with enterprises throughout all phases of a successful security plan. Beyond seeking quality assistance.
Securing the cloud workload
Securing the cloud workload should be the first priority. The basic foundational requirements of this process start with access controls. Server workloads should absolutely determine who or what has access. This also means having tighter controls over administrative access and using multi-factor authentication.
With proper access control established, the configuration should have all unnecessary components removed, be hardened and configured strictly in line with the enterprise’s standard guidelines, and be patched regularly in order to close up potential security holes.
Another foundational component of workload security comes from network isolation and segmentation. This process of limiting the server’s ability to communicate with external sources can be done either via internal firewalls or the external firewalls on Windows or Linux. While this segmentation is important, enterprises should also closely examine the logging capabilities of their systems. Logging systems allow security managers to keep a close eye on the overall health of a security plan.
A final point of concern in securing cloud workloads is secure code and application control. Applications are a popular avenue of approach for potential attackers and they should be as secure as possible. This is best done by keeping security in mind from the very beginning of an application’s lifecycle.
Whitelisting should be utilized to limit what executables are allowed to run within a system. This simple step is a powerful security tool as all malware in the form of an executable will be immediately prevented from running.
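The default-deny idea behind whitelisting can be checked on a server with a short audit script. The following is an added example, not code from the original article: it audits rather than enforces (enforcement belongs to the operating system's application control feature), and the function names, file names and sample contents are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile

def sha256_file(path):
    """Hash a file in chunks so large binaries are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def audit_executables(root, allowed_digests):
    """Return sorted relative paths of executable files not on the allowlist.
    Default deny: a file passes only if its content hash is listed, so a
    modified binary fails even when its name and path look familiar."""
    violations = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode):
                continue  # skip symlinks, sockets and devices
            if not mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
                continue  # not marked executable
            if sha256_file(path) not in allowed_digests:
                violations.append(os.path.relpath(path, root))
    return sorted(violations)

def demo():
    """Constructed sample: two approved tools and one unknown binary."""
    samples = {"backup.sh": b"#!/bin/sh\necho backup\n",
               "rotate.sh": b"#!/bin/sh\necho rotate\n",
               "dropped.bin": b"\x7fELF-constructed-sample"}
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            path = os.path.join(root, name)
            with open(path, "wb") as f:
                f.write(body)
            os.chmod(path, 0o755)
        # The allowlist records the approved content of the two tools.
        allowed = {hashlib.sha256(samples[n]).hexdigest()
                   for n in ("backup.sh", "rotate.sh")}
        # An approved tool is modified after the allowlist was taken.
        with open(os.path.join(root, "rotate.sh"), "ab") as f:
            f.write(b"echo extra\n")
        return audit_executables(root, allowed)
```

Calling `demo()` reports both the unknown binary and the approved script whose content changed, which is why the allowlist is keyed on content hashes rather than file names.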
Developing a solid workload protection scheme should be a top priority for any enterprise utilizing cloud infrastructure services. As important as this step is, it is only one part of an effective security plan. Having considered workload protection, enterprises should then go on to evaluate a number of other aspects of their security plan.
It is also important to remember that cloud security is a shared responsibility, and no matter what cloud platform you are utilizing it is essential to be crystal clear when considering who is responsible for what aspect of security. With a solid security plan in place, the power of the cloud can be utilized to the fullest extent while giving enterprises the peace of mind they deserve.