Nightman1965 - Fotolia
Cloud computing offers many benefits -- including scalability, elasticity and reduced costs -- but some enterprises are still wary about leaving their on-premises systems behind. Their hesitation stems largely from the belief that cloud is inherently less secure than traditional IT systems. The debate over which model is more secure continues to rage on, but both sides can agree that security remains a top concern in any IT environment.
The complexities of cloud increase with the emergence of hybrid and multicloud models. In response, vendors have developed new security technologies to reduce potential attack surfaces and fill in security gaps. Here are SearchCloudComputing's top tips so far in 2016 to overcome common cloud security challenges.
Prove the security of cloud computing in your organization
One of the biggest cloud security challenges can be convincing business leaders that enterprise data can be safe in the public cloud. Luckily, there are steps IT pros can take to sell management on cloud security. According to cloud expert Dan Sullivan, the first way to ease concerns about the security of cloud computing is to research potential cloud providers' security and compliance certifications. Specifically, look for certifications such as ISO 27017:2015, ISO 9001:2008 and the Multi-Tier Cloud Security Standard Level-3.
IT pros should also emphasize the fact that most cloud providers have the financial ability to invest heavily in security technologies for a large number of users. But before jumping in, remember that cloud providers use a shared security model; the provider is responsible for the physical security of their facilities, the network and services, while the enterprise is in charge of systems and applications.
Consider IAM to combat cloud security challenges
Identity access management (IAM) tools help IT teams manage user identities and access controls in the cloud. However, different enterprises will require different IAM approaches, according to expert David Linthicum. Popular IAM technologies include identity management services, access management services, identity governance services and authentication services. It is not uncommon for an enterprise to institute two or three of these options.
When building an identity-based security strategy, pay attention to its design. It is important to have an architecture that will hold up to the introduction of new technologies. Also, conduct "white hat" security tests for any IAM tools you use to discover vulnerabilities.
Use cloud access security brokers to fill critical voids
David Strom outlines six strategies that CIOs have adopted to develop hybrid cloud security concerns as their organizations increasingly use public and private clouds.
With the popularity of hybrid and multicloud models, cloud access security brokers (CASBs) are in high demand. CASBs protect data that travels between on-premises systems and cloud providers. Use this tool to identify potential internal and external threats and to track users' movement. Additionally, CASBs perform retroactive analysis to discover the origin of suspicious behavior.
While the tool has numerous benefits, it comes with a fair share of challenges, warns expert Paul Korzeniowski. For example, because CASBs are relatively new, they can be difficult to integrate with other security tools, as the application program interfaces aren't always fully developed.
Prepare for these multicloud security snags
Multicloud computing attracts enterprises because it promotes a mix-and-match approach; organizations can choose different cloud services and providers to meet their needs. Ideally, IT teams can tightly integrate multiple cloud platforms with load balancing and failover in place.
Unfortunately, multicloud presents unique cloud security challenges due mostly to the lack of standardization between clouds, according to expert Stephen Bigelow. Interoperability issues between vendors can expose potential attack surfaces. In addition, data travels across the public internet in most multicloud models, which can create vulnerabilities. Reduce risk by educating employees on proper security policies and establishing a common method for managing automation and monitoring.
Establish network security groups for public cloud
Network security groups are a good starting point to overcome public cloud security challenges. Similar to a firewall, network security groups protect a part of a public cloud from outside access. They also contain the data flowing between cloud instances and help IT pros manage access controls for networks in a public cloud.
Before getting started, research how to set up network security groups with your particular provider, as the process differs between clouds, explains expert Jim O'Reilly. Microsoft Azure users, for example, can use the Azure Resource Manager portal. To fend off potential threats, avoid accessing particular instances, such as databases, directly over the internet. For extra protection, create a three-tier cloud security model to control communication between applications and services.
Find out why the cloud is more secure than traditional IT
Evaluate the cost of securing your cloud
Seven cloud security risks to address today