INTELLIGENT BRANDS // Cloud
Seven best practices for
securing the public cloud
/////////////////////////////
Harish Chib, Vice President
– Middle East and Africa,
Sophos, outlines seven
important steps that every
organisation can take to
secure the public cloud.
T
he simplicity and cost-effectiveness
of the public cloud have led more and
more organisations to take advantage
of Amazon Web Services (AWS), Microsoft
Azure and Google Cloud Platform (GCP).
While the public cloud solves many
traditional IT resourcing challenges, it does
introduce new headaches.
The rapid growth of cloud usage has resulted
in a fractured distribution of data, with
workloads spread across disparate instances
and, for some organisations, platforms.
As a result, keeping track of the data,
workloads and architecture changes in
those environments to keep everything
secure is often a highly challenging task.
Public cloud providers are responsible for
the security of the cloud (the physical data
centres and the separation of customer
environments and data).
However, the responsibility for securing the
workloads and data placed in the cloud lies
firmly with the customer. Just as organisations
need to secure the data stored in their on-
premises networks, so they need to secure
their cloud environment.
Misunderstandings around this distribution
of ownership is widespread and the resulting
security gaps have made cloud-based
workloads the new pot of gold for today’s
savvy hackers.
www.intelligentcio.com
Seven steps to securing the
public cloud
The secret to effective cybersecurity in the
cloud is improving your overall security
posture – ensuring your architecture is secure
and configured correctly, that you have the
necessary visibility into your architecture and
importantly into who is accessing it.
Step 1: Learn your responsibilities
Security is handled a little differently in the
cloud. Public cloud providers such as AWS,
Microsoft Azure and Google Cloud Platform
run a shared responsibility model – meaning
they ensure the security of the cloud, while
you are responsible for anything you place in
the cloud.
activities, with real-time snapshots of your
network topology and real-time alerts to
any changes.
Step 5: Automate your
security controls
Cybercriminals increasingly take advantage
of automation in their attacks.
Stay ahead of the hackers by automating
your defences, including remediation of
vulnerabilities and anomaly reporting.
Step 6: Secure ALL your
environments (including dev and QA)
You need a solution that can secure your
environments (production, development and
QA) both reactively and proactively
Step 2: Plan for multi-cloud
When planning your security strategy
start with the assumption that you’ll run
multi-cloud – if not now, at some point in
the future. In this way you can future proof
your approach.
Step 3: See everything
If you can’t see it, you can’t secure it. That’s
why one of the biggest requirements to
getting your security posture right is getting
accurate visibility of all your cloud-based
infrastructure, configuration settings, API
calls and user access.
Step 4: Integrate compliance into
daily processes
The dynamic nature of the public cloud
means that continuous monitoring is
the only way to ensure compliance with
many regulations. The best way to achieve
this is to integrate compliance into daily
Step 7: Apply your on-premises
security learnings
On-premises security is the result of decades
of experience and research.
Use firewalls and server protection to secure
your cloud assets against infection and
data loss and keep your endpoint and email
security up to date on your devices to prevent
unauthorised access to cloud accounts.
Moving from traditional to cloud-based
workloads offers huge opportunities for
organisations of all sizes.
Yet securing the public cloud is imperative
if you are to protect your infrastructure and
organisation from cyberattacks.
By following the seven steps you can
maximise the security of your public clouds,
while also simplifying management and
compliance reporting. n
INTELLIGENTCIO
67