There is no one silver bullet to protect against security threats in the cloud environment. Rather, Albert Kramer, technical director with Trend Micro Canada, recommends that you use many of them.
Cloud workloads have different security requirements, Kramer said at a recent ITWC webinar. “You can’t compare endpoints to servers. Hybrid and multi-cloud models can get complex and if you neglect any aspect of security, you leave gaps open for the attackers,” said Kramer.
Organizations should implement a range of security technologies to protect their workloads, no matter where they reside in the infrastructure. As well, he said new security tools should be adopted to keep pace with the fast-changing and flexible nature of the cloud.
Why the old ways have to go
The past focus on protecting on-premises servers and the perimeter no longer works in the cloud environment. “The modern workplace has no boundaries,” said Kramer. “Workers are more mobile and they use tools which may not have been vetted by their employers.”
Now, 80 per cent of workloads are virtualized. Infrastructure has evolved from physical servers to virtual servers to the public cloud and containers. “There are many points of entry to protect,” said Kramer. “It can be difficult to get visibility to the entire organization and to protect everything.”
At the same time, the threat landscape is changing rapidly. “Every day something that threatens your data will catch you off guard. It’s very difficult to keep up with the patching,” said Kramer. He’s not very concerned about ransomware because it’s highly visible. “I’m more worried about all of the malware in the network that is not so visible and that companies don’t even know is happening,” he said.
Companies also have to comply with increasingly strict regulations to protect personal data. On May 25, 2018, the European Union’s harmonized General Data Protection Regulation (GDPR) comes into effect. The regulation applies to any company that collects data from EU citizens and includes significant fines for non-compliance.
The trend toward automated security
It takes a broad set of technologies to “cover all of the bases” in cloud environments, said Kramer. For network security, organizations need to detect and protect against incoming attacks on the data centre and the cloud. A host-based intrusion prevention system will automatically make sure that vulnerabilities are known and sealed off. “It’s all about knowledge,” said Kramer. The Zero Day Initiative, which explores new vulnerabilities and shares them with the world, can help to serve as the intelligence for intrusion prevention systems.
Organizations must also have extensive system security to protect applications and malware prevention to stop malware and targeted attacks, said Kramer.
Finally, a system like Trend Micro’s Deep Security brings all of the security layers together in one platform, providing visibility for all virtual infrastructure on a single web dashboard. This ensures that all systems are communicating to shut down any threats, said Kramer. A big advantage is that this approach allows organizations to automatically scale their security up or down as the business evolves, just like the cloud.
“It’s all about automation,” said Kramer. “If you scale up new workloads in one hour, they will automatically be protected against the latest threats and malware. That’s the security of tomorrow.”