Cloud security – follow these 8 tips, so that your cloud doesn’t turn into a storm cloud

Author
Markus Limacher
Published
17. January 2018

By now everyone has understood that the cloud is here to stay. It is today’s reality, and tomorrow’s as well. Moving applications and data into the cloud has a significant impact on technology and business. The question has changed, from “How can a cloud solution reduce my costs?” to “How can a cloud solution speed up my business?”. Some services are no longer available outside of the cloud. Buying a cloudless solution, for instance one that is fully on-premises, is becoming more and more difficult. We explain how to make good use of the cloud – without the storm.

Let’s begin by stating it clearly: the cloud offers several improvements over traditional solutions. It is dynamic, agile, modern, available as DevOps or on-demand; the latter can be deployed in scalability, availability, time etc., keeping costs within defined ranges.

The cloud for the needs of today and tomorrow

Cloud services are actively sought for trends such as:

  • Digitisation,
  • “Softwareisation”, 
  • IT / OT,
  • Blockchain,
  • SecDevOps,
  • Internet of Things (IoT) and Industry 4.0.

Cloud solutions can provide the headstart that can result decisive, in the increasing pressure caused by new, innovative competitors. There is hardly anything, in which the cloud cannot provide support. All you need is to start using it! The risk landscape differs in a few points from classical on-premise IT solutions, and this must be taken into account.

No cloud without a strategy

The following tips come from our security experts. First of all, for a cloud strategy to succeed, it must define how to handle the opportunities, challenges and conditions brought along by the cloud. It is also important to define the actions, that on the one side will minimise the risks introduced by the cloud, and on the other, allow to take advantage of the new chances.

It is imperative that the following aspects are taken into consideration:

  • Data, and their classification: Where and how are your data stored? The implications reach out to security, and to the compliance with bylaws and regulations.
  • The appropriate depth of integration and the appropriate time of implementation: Put your internal specialised knowledge into service, to help define planning, migration and commissioning in the optimal way. Start small, and grow your cloud according to your needs.
  • The ideal cloud model:  What is best for your needs? Public, private, or maybe a hybrid multi-cloud model?
  • Service model:  You should make your mind on which solution is the right one for you: Platform as a Service (PaaS), Infrastructure as a Service (IaaS) or even better Software as a Service (SaaS)?
  • The right cloud partner:  There are a host of providers, and you can quickly get lost. Choose your partner by taking a good look at their professionalism, know-how, experience and of course the service portfolio.

Cloud services – more than just business solutions

The concepts of IaaS, PaaS and SaaS have established themselves, yet the cloud is never at a standstill. It is subject to continual development, and new functionalities are made available all the time: an example being the so-called “Application Container Solutions” for enterprises with SaaS. These solutions offer a control level and a registration service, hosted into a container service.

Container environments can be shifted between platforms and cloud providers, depending on load, availability and scope of use. In this way, new interesting approaches to the use of the cloud are made possible. Application container solutions can also be used to isolate applications and data in containers, with the help of operating systems virtualisation. Here are some of the advantages of this kind of solutions: 

  • Applications can be made portable,
  • applications used independently from individual machines and servers, keeping the focus on the application itself,
  • version tracking,
  • reusability of components.

Control accesses through the cloud provider, and use shared guidelines. Your application will stay independent from the provider, which goes towards the implementation of a compliant multi-cloud strategy. 

8 steps towards top protection of your data

Traditional perimeters are losing ground, and becoming ever more de-centralised; and you must take this into account. A security solution must be adapted to the existing requirements, whether it be in the cloud or on-premise. The following eight steps put you on the right side, in securing your application and protecting your data according to its needs:

  1. Management of identities and accesses:  Guidelines for security and access to applications being run in the public cloud.
  2. Single Sign-on (SSO) and Cloud Federation:  Simplified and secure access to applications like Web Application Firewall (WAF), from anywhere.
  3. Protection against DDoS (Distributed Denial-of-Service).
  4. Data encryption, whenever possible – and if it makes sense.
  5. Monitoring stepwise, to check applications and platforms.
  6. Integration of networks like WAN, LAN, mobile, support and partner networks etc. 
  7. Independence from (Cloud) Providers
  8. Monitoring and control of data traffic to and from the (public) cloud.

Control accesses through the cloud provider, and use shared guidelines. Your application will stay independent from the provider, which goes towards the implementation of a compliant multi-cloud strategy. 

Fair weather instead of stormy clouds

You need a clear strategy if you must protect your data in the cloud against security breaches, violation of privacy and other incidents. You also need a detailed roadmap, cloud workload management, data protection, activity monitoring, threat monitoring, data loss prevention and identity and access management. This is the only way to make sure that your way into the cloud does not turn into a storm, but rather into a successful fair-weather-cloud.

Multi-cloud: more freedom = more complexity?

Multi-cloud strategies offer a wide set of advantages to enterprises, and lots of freedom. But although a combination of different solutions gives increased flexibility, the challenges of managing applications in a growing number of environments, and making them secure, grow at the same time. Now, with the eight fundamental issues lied out above, you know how your cloud environment(s) can be made secure, without ending up into a heavy thunderstorm.

It would be easier if you could be supported by adequate, innovative solutions – or maybe not? For this purpose, our experts at InfoGuard recommend products and technologies by F5 Networks. Why? It’s easy: because they guarantee consistent services and security in all environments; and operative security solutions, and strategic security governance, risk and compliance (GRC) applications, can be managed from the cloud.

Download our guide to the multi-cloud – for free

F5 has written a white paper on multi-cloud, and we have made it available for you at no cost: “Navigating in a Multi-Cloud World with F5”. It tells you what does the change to multi-cloud imply for you, what challenges you must expect, and – last but not least – how can you be successful in your effort towards the multi-cloud. Download it now, for free!

Download Whitepaper: "Navigating in a Multi-Cloud World"

Everything (un)clear? We will not leave you alone in your cloud

When it comes to the development of your cloud strategy, or for any question about the cloud, the comprehensive know-how and many years of experience of our cyber security consultants makes InfoGuard your professional support of choice. We stand actively by your side in all respects, whether it be the development of a strategy for cloud-based application cases such as IoT or Industry 4.0, suggesting and implementing the right products and solutions, CDC services and application cases for the cloud, or security testing.

The cloud can be a central success factor for you too! Not only can InfoGuard consult you in this, we can also support you in all your needs, with solutions chosen from the wide professional portfolio of F5 Networks.

Contact

Share article