Is cloud native security good enough?
By Deryck Mitchelson, Field CISO EMEA, Check Point Software Technologies.
Global organizations are digitally transforming via cloud native applications and services. Use of cloud native can drive innovation, accelerate speed to market, and can bring about cost savings that fuel new gpostth. Cloud native technologies enable organizations to tap into the agility required to keep up in the current competitive landscape and to create new business models. But achieving efficient, flexible, distributed and resilient cloud native security is tough.
All major public cloud providers -Amazon Web Services (AWS), Microsoft Azure and Google Cloud- of course offer security features and services, which are designed to address significant threats to cloud-based data. However, in spite of this, public cloud providers’ security tools commonly fail to meet operational needs, and their limitations should prompt organizations to consider or reconsider how they are protecting public cloud environments.
Cloud providers’ efforts to ensure security are barely adequate. In the following section, I go into why that’s the case and how it could impact your organization:
1. Limited visibility. One of the major challenges associated with cloud-native is that, in contrast with on-prem deployment, owners cannot be sure of the security elements related to the cloud environment that the application is hosted on. As a result, it becomes the role of the IT team to track every resource and to add it to the application. Monitoring needs to proceed throughout application lifecycles. Lack of adequate visibility can needlessly compromise security.
2. Cloud native exposure to threats. The cloud is accessible to anyone with an internet connection, which means that threat actors are continually searching for ways to undermine systems’ security. As cyber attackers advance their strategies, cyber security prevention and defense methodologies also need to evolve. For example, enterprises need cloud security that can fend off brute-force attacks, phishing and SQL injections.
3. Policy centralization. At present, the average cloud native environment includes a number of tools from an assortment of developers and service providers. In a multi-cloud infrastructure, information technology managers may face fragmented security access controls, and due to implementation in separate provider environments, an impossible-to-keep-up-with set of monitoring tools. Policy centralization can make security management more uniform and more successful.
4. Slow security processes. Key reasons as to why enterprises are moving to the cloud include speed, agility and flexibility. But security can easily get left in the dust, so to speak. Given the speed of the continuous integration and deployment (CI/CD) pipeline, security can lag. Enterprises can solve for this issue by shifting security as far left as possible. You can create a Shift Left environment through a third-party security platform.
Further details
By 2023, more than 500 million digital applications and services will be developed and hosted through cloud native means. The factors briefly outlined above, combined with the recent sharp increase in cyber attacks should lead organizations to consider whether or not they are making adequate effort to secure public cloud environments.
Reduce your enterprise risk. Improve your visualization, limit exposure to threats, enforce security best practices and ensure that your security can keep up with the speed and scale of your organization. Consider CloudGuard for Cloud Security Posture Management. Learn more here.