The Cloud: Rethinking IT Security Roles
Whether you lead a team of IT professionals—or are the team—tasks like swapping power supplies and tinkering with the datacenter’s air conditioning are quickly transitioning to people in cloud-computing centers. Cisco estimates 83 percent of data center traffic will become cloud traffic by 2019.[i]
Moving to the cloud is a significant change from static hardware-based infrastructures to application-centric infrastructures running on dynamic pools of compute and storage resources. The changeover to cloud computing makes this a good time to rethink the security strategy needed to protect your organization’s cloud assets and services as well as what this means for your role as an IT professional.
Rethinking IT Security Roles
Letting cloud Infrastructure as a Service (IaaS) and Software as a Service (SaaS) providers deal with hardware and bandwidth issues means you can focus more on the software aspects of your operations: deploying self-service application portals, architecting policies, instituting best practices, and monitoring and reporting on security. The transition to public and hybrid cloud networking does not mean the security measures you need to protect workloads will change. In the cloud, you still need comprehensive threat prevention as well as email security, web security, application security; all the measures you currently use to protect your on-site network. For more information on cloud security, download the Check Point Security Report for 2016.
Despite security needs staying constant, moving to the cloud means roles will change. Instead of IT security practitioners aligning security controls with business and infrastructure needs, application developers will be making these decisions. Administrators and application developers should learn to bridge the knowledge gap that separates IT administration, security administration, and application development. You will need to align security with application service workflows and orchestration processes to protect services and data and enforce policies regardless of where your services originate and where they terminate.
A server is a server whether it is in your data center or in the cloud. However, when servers are mostly under someone else’s roof, the software aspects of networking and security will become your priorities.
Learn more about datacenter and cloud security in the Check Point Security Report 2016.
[i] Cisco. “Cisco Global Cloud Index: Forecast and Methodology, 2014–2019 White Paper,” page 5, April 21, 2016.