Cloud computing is a security risk: fact or fiction?

Share this:

secure cloud

Make a statement often enough and eventually it becomes lore. Like the claim cloud computing is less secure than systems based on-premises. Here are five ways we’re setting the record straight.

1. Cloud computing allows for more checks and balances

In a traditional data centre, if the root system administrator’s credentials are compromised then it’s game over. There’s no protection at the service level. In contrast, cloud computing offers multiple layers to safeguard valuable data and processes, including role-based access controls, service level authorizations and secured access tokens for each cloud resource. There are also Data-at-Rest and Data-at-Transit protections available.

It’s not just data that’s well protected in the cloud. There are different security frameworks and cloud vendor specific solutions for applications (OAUTH token-based authentication, SAS security tokens for cloud services access, Cloud application firewalls) and networks (Virtual Network security at IP level, Application Gateways and Cloud Firewalls, private end points, service end points, Virtual Private Networks).

2. Cloud computing is governed by industry-wide security standards

While Cloud customers remain responsible for security at the enterprise level, cloud platform providers have robust security standards in place to support them.

All cloud vendors have implemented the NIST cybersecurity framework which promotes using end-to-end visibility for threat alerts, logging, and monitoring. For example, Microsoft Azure has services like Azure Security Centre and Azure Defender as Microsoft Cloud security Posture management and Azure Sentinel as cloud native SIEM services.

There is also a well-established range of international and jurisdiction-specific standards for data protection. These include the EU data protection Code of conduct, ISO 27001/27002 (information security management systems), the USA Sarbanes-Oxley Act (SOX), COBIT (control objectives for information and related technologies), ITIL certification and SAS 70 security audits. These are just as relevant to cloud-based information management as they are to on premise data systems, providing greater assurance to enterprises and their clients and customers.

3. Cloud computing offers a better defence to ransomware and faster recovery

Organisations can protect themselves against ransomware and other attempted data breaches through techniques like privilege escalation, credential access, lateral movement and exfiltrations (called MITRE key attack vectors). They can also tighten security postures and implement threat hunting.

Just as importantly, in the event of a successful attack, enterprises operating from the cloud can return to the market faster. Because cloud security is layered, breaches are detected earlier and at a point closer to the attacker. Security walls are activated as soon as a breach is detected, allowing time to eliminate the threat before catastrophic damage. Cloud-based activity logs allow for fast, automatic system restoration and a speedy return to normal operations.

4. There are cost-effective cloud security models for every user

Implementing end-to-end cloud security doesn’t have to be expensive. Most security services are offered on a pay-as-you-go basis, which is a cheaper licensing model. Security operations can also be centralised to leverage global deployment benefits.

5. Cloud security can be managed with established protocols

After more than two decades of development, there are now established design patterns for cloud computing. These are well documented, with an emphasis on rigorous security standards.

At the outset, cloud architects should implement an ordinations specific Active Directory. Then authentication mechanisms, various security tokens, lasers, firewall placement and services can be integrated. Once this is done, network security can be addressed through well-defined IPs with various private links for services, followed by application considerations. Then governance and monitoring frameworks should be implemented as the final safeguard for cloud safe platforms.

Talk to us

Sonata Software’s unique Cloud Platformation™ approach delivers a superior cloud journey, ensuring every piece of the digital stack operates in cooperation with lower-level stacks and responds on demand. We have a proven track record with Azure, AWS & Google alliances on IT infrastructure, cloud, and solutions. Sonata Software’s managed services for cloud offer design, delivery, and daily operational support for computing, storage, and virtual networks on the cloud environment.

Contact us now or submit the form below for a no-obligation conversation about your enterprise goals and digital agenda.