The adoption of cloud-based services has caused a rapid disruption that is changing the face of Information Technology. This leap forward comes with countless benefits but there is also a great cause for concern. The change is happening at a rate that isn’t properly allowing Information Security groups to properly gauge the security ramifications.
When I first entered this industry more than 20 years ago, networks were far easier to secure; they were largely flat with only a handful of entry points with all data and assets living in one or two physical environments with their own dedicated controls. Networks were very linear and far easier to scope and manage than the networks we support today.
Today, cloud connected services from tech giants like Amazon, Google, IBM and Microsoft offer low barriers to market entry, flexible costs, variable capacity, greater uptime, improved mobility and collaboration on robust network fabric. With so many benefits it’s easy to understand why there has been such a major push into the IaaS and SaaS space.
A company building a modern network will take advantage of these cloud connected services. Amazon’s AWS service operates over 40 data centers in 16 regions globally, thats a lot of entry and exit points for your data to pass through, are you sure it has been properly secured?
Compliance oversight and governance hasn’t gone away with the introduction of cloud-services. If anything we have seen increased requirements for monitoring, reporting, and coordinated incident response with resolution.
With the rate of migration and architectural change, most Information Security groups haven’t had the time or resources to assure that proper monitoring is taking place. Compliance is always a concern, even more so when adding complex evolving services to the network. Research shows that even firewall configuration complexity is leaving companies exposed. The technology to keep your networks safe exists, but it’s nearly impossible to manage properly.
How vulnerable is your network? Are your administrators certified on all of the services that are the backbone of your business? Are you comfortable not knowing?