Bringing cloud security back to the basics

Visibility is a fundamental principle of network computing. However, with the explosion in the adoption of private, public, and hybrid cloud platforms, enterprises are under enormous pressure to maintain visibility into their infrastructure. In these new and constantly changing environments, how can the enterprise maintain visibility and control and confidently answer the critical question “What's going on in my cloud environment?”

The emergence of cloud platforms has had a tremendous impact on technology, kicking off the current digital transformation. Cloud enables companies to be more productive and responsive with fewer resources. Other benefits include flexibility and cost-effectiveness. Cloud adoption has also spawned the rise of DevOps, enabling IT teams to move at a more rapid pace and empowering the overall business to be more agile.

While most IT professionals recognize visibility as a basic need, many organizations report that it is lacking in their cloud-based networks, resulting in a slew of challenges that can have a negative impact on the network, and therefore, the entire organization. When it comes to cloud adoption, just like any other technology, one must weigh the pros along with the cons. One of the cons of cloud computing is that it can hinder visibility, making the management and security of this complex environment very difficult. This is further exacerbated by the rise of DevOps, where typically one of two scenarios will occur:

  • Security teams aren't involved: as the DevOps team is spinning up cloud infrastructure assets, they aren't updating the security team or ensuring that security policies are enforced
  • Security teams are involved, but have no say: DevOps teams may update the security team about these cloud changes, but aren't asking them if the changes are okay from a security standpoint – essentially, security teams are blind to the effect of changes in their cloud environment

A recent Tufin webinar explored the challenge of gaining visibility in cloud environments. When applications are distributed between private, public, and hybrid cloud platforms, it's a challenge to identify how many cloud services are being deployed, as well as which services are running on which cloud platform. Another challenge is knowing what type of data is stored among these cloud platforms and who has access to this information, which could include sensitive customer or company data.  This lack of visibility could leave company data exposed. Visibility is also a challenge when it comes to compliance. If regulatory data is stored in the cloud, it's still the organization's responsibility to protect this data, not the responsibility of the cloud provider.

So, what's the solution to the visibility challenge? The first step is accepting the fact that visibility is non-negotiable. It's a basic first step to cybersecurity, and it's time for IT professionals to revert to this basic need and seek a simpler way to bridge the cloud visibility gap. You can't control what you can't see.

Additionally, organizations need a more seamless way to bring infrastructure, people, and processes together. The way to do so is through a “single pane of glass” that can manage security policies and configuration across the whole network.  More than just a way to save time and cost, a coherent and centralized view into the network at all times allows the business to be more agile and secure.  In the event that something goes wrong, a single command can produce changes that can be applied throughout the entire network.

Supporting all major cloud platforms including Amazon AWS, Microsoft Azure, VMware NSX, Cisco ACI, and OpenStack, Tufin enables enterprises to gain full visibility into the cloud infrastructure including VMs, applications connectivity, security groups, and other cloud network assets. Additionally, Tufin provides accurate topology simulation and path analysis across physical firewalls and hybrid cloud for connectivity troubleshooting.

Don't lose sight of the basic need for visibility across your network. Check out our recent webinar “20/20 Vision into Your Cloud Security: CISO Interview and Case Study” featuring Maurice Stebila, CISO at HARMAN International, along with Ralf Buchroth, IT Infrastructure and Provider Management at RWE Supply and Trading, a Tufin customer. You'll learn expert advice on how to address cloud security challenges and how Tufin provides visibility and control in the cloud.

cloud security challenges CISO interview