The digital transformation accelerated by the pandemic means more demand for cloud services yet the increased complexity of cloud computing has opened up more security gaps. Traditional cybersecurity has to be supplemented by cloud-native solutions, says the World Economic Forum.
We are now a year into the coronavirus pandemic, which has transformed the way we conduct business. For many, it has been a year since stepping into the office or on to a plane – and yet business has continued and digital transformation has accelerated.
Digital transformation has been happening for years, but the pandemic forced the hand of many organizations, as they changed the way they operate and how they provide value to their customers. In turn, this change has meant an increased demand for cloud computing, which provides most of the foundations, tools and infrastructure to fuel the transformation. This model allows companies to focus on their own business excellence, while leaving the overhead of their non-core business elements, like infrastructure, platforms and software, to cloud vendors.
This shift has provided organizations with the following benefits.
* The nature of cloud services allows companies to pay only for the resources they use whether IaaS, PaaS or SaaS. This service-based payment provides organizations with the ability to shift from capital expense (CAPEX) business model to operating expense (OPEX), which often results in significant cost savings.
* Scalability, where computing, network and storage capacities can be increased and decreased almost infinitely and almost immediately in response to fluctuations in demand.
*Agility, where developers can make continuous improvements to applications and these improved applications can be deployed to customers multiple times per day.
*High availability, disaster recovery and redundancy is improved by cloud vendors who provide service guarantee for computing resources availability and multiple geographical availability zones.
However, even with all of these benefits, rapid transformation has opened many security gaps for organizations. In fact, some world leaders in the cybersecurity space, including the World Economic Forum, predict that this rapid and unplanned move will result in a cyber-pandemic down the road. A recent cloud security report showed that 66% of survey respondents believe that traditional security solutions either do not work or have limited functionality in the cloud – and they are not far off.
To be prepared for tomorrow’s attack vectors, you need to use cloud-native solutions to secure your cloud deployments so they can meet the dynamic and scalable cloud computing requirements. Given how the growing threat landscape jeopardizes the benefits of greater cloud adoption, here are five strategies you could push through in your organization to protect it now and in the future:
1. Consult with a trusted cloud security advisor in order to benefit from industry best practices and build cloud security into the design. Cloud security misconfigurations expose organizations to risky and expensive cloud security threats, which cause real danger well before the threat can be managed. Make sure to work with a professional fully trained on these threats and who can help implement the best possible solution to protect your environment.
2. Consolidated threat-prevention cloud tools. Cloud security is much more complex than traditional on-premises security because instead of one perimeter (the network link connecting your company to the internet), you now have multiple perimeters: including each cloud computing service, each employee and access role accessing those services, each new data storage, and each different workload or application operating in the cloud. While each cloud provider has its own security services, there are thousands of third-party vendors providing cloud security solutions to complement and enhance those of the cloud vendors. Each additional such “point solution” in your organization has staffing, training, deployment, integration and maintenance requirements. More point solutions cause an exponential increase in complexity. Evaluate cloud security solutions that cover the broadest range of capabilities instead of multiple solutions with narrower functionalities. This will give you a broader range of security with less to manage.
3. Centralize visibility. Visibility is particularly important in cloud security, because you can’t secure what you can’t see. With so many different resources running across multiple public and private clouds, visibility becomes an even greater issue. Implement a cloud security solution that will also provide you with broad visibility across your environments, and leverage AI and machine learning to allow you to take action on the alerts that matter. This integration will also help identify blind spots where hackers often lurk.
4. Perform regular risk management exercises for every possible and impossible cloud security solution. Disaster recovery is the new normal. Refer to the example of Gas South, who suffered from power outages and needed to ensure scalable and secure remote access for their call centre employees to their cloud provider. They were very pleased that they could offer their employees the benefit of working one day a week from home – and then the coronavirus pandemic struck and sent all their employees home anyway. Conduct stress tests to ensure the deployment truly does securely scale without impeding performance.
5. Trust no one. Adopt zero trust security in everything that you do, for networks, people, devices, data and workloads. Make sure there are security perimeters around each of these areas and that your organization is only giving access based on minimum permission and privilege levels to both its people and applications.
In a post-pandemic world with accelerated cloud computing, a remote workforce, dynamic network access and more attack vectors for cloud threat actors, you need to ensure your business is secure in the cloud, and be ready for the coming cyber-pandemic. Now is the time to make cloud security your key business enabler.
By Tsion Gonen & Rafi Kretchmer
About the authors: Tsion Gonen is Head of Cloud Security Strategy, Check Point; Rafi Kretchmer is VP, Product Marketing, Check Point Software Technologies.