By Christine Schönig, Regional Director Security Engineering CER, Office of the CTO at Check Point Software Technologies GmbH
Securing company buildings with locks and alarm systems is a matter of course. Today, however, a company's premises go beyond the analogue realm and extend into the digital space. One digital place where the entrance doors are sometimes left particularly wide open is the cloud, which has several entry and exit points. When a company moves its data and workloads to the cloud, it therefore opens up significantly more entry points through which hackers can penetrate. The challenge of protecting them is greater than ever: in the latest Cloud Security Report, 76 per cent of respondents said they use two or more clouds (up from 62 per cent in 2021) in their day-to-day work.
Cloud security impossible without consolidation of security solutions
To understand how best to protect cloud assets, it helps to stick with the door analogy. Every security door is made up of a series of components that fit together: hinges, handles, locks, bolts, keys. If any one of these elements is missing, the door is not complete. Now imagine that the alarm system and all the doors are installed by four or five different contractors, each with their own order form. Perhaps this approach would reduce costs. But what if something goes wrong? Who do you call, and who guarantees that one contractor won't blame the other?
The example illustrates the point: using multiple cloud security products from different vendors leaves companies with an insecure architecture. It increases the total cost of ownership (TCO) and reduces the return on investment (ROI) by complicating integration and automation between products from different vendors. As a result, the effectiveness of enterprise security decreases as more manual work is required. Cloud security is like the security door: each element of a security strategy must fit together and work with the other elements. This matters all the more in the cloud, where malicious attacks are flourishing, doubling year on year and becoming more sophisticated.
Differences between hybrid cloud environments and cloud migrations
In a hybrid cloud environment, cloud access should be direct: because the advanced, virtualised security sits in the cloud itself, remote sites and users need no backhaul connectivity to other security gateways or data centres. Scalable virtual appliances in the cloud should be used to extend the same detailed and accurate security to all relevant clouds. This enables the best possible performance, scale and support. With a single intelligent user console configured with a common policy, protection can be extended to an entire enterprise. This makes the move to the cloud simple, trusted and less risky.
When moving or expanding to the cloud, the task of keeping track often seems impossible. The changes to follow multiply with the number of clouds in use, as does the pressure to get everything right all the time. Using a tool that automates this governance across multiple clouds mitigates risk and saves time. Such a tool provides an assessment of the security posture, can uncover misconfigurations and can enforce best practices across compliance frameworks.
A cloud security solution must be a security door, gate and alarm
Building a secure cloud approach is an important step in the first line of defence. This means first focusing on the key elements of the current infrastructure landscape to find vulnerabilities. The choice should be a cloud security platform that focuses on real-time prevention, automation and unified management, including multi-layer protection mechanisms that are fully integrated and leave no gaps for attacks. As initial guidance for securing cloud resources and weeding out vulnerable points, it helps to ask yourself the following questions:
- How transparent is the IT security of the network and cloud resources?
- How do users support or hinder a high level of security?
- To what extent is integration with the current security solutions possible?
- How can DevOps become DevSecOps without losing flexibility?
- Is it easy to apply and enforce consistent policies across all endpoints and users with different security products?
- Can a single portal be implemented for full management?
The focus should not be on detection and containment, but on prevention. A solution that protects data in the cloud should function like a virtual security door that sounds the alarm when danger is imminent. Whether the environment is a hybrid cloud or the company is moving to the cloud, multi-layered measures should be implemented and updates automated, as with any proper security control. This saves time, resources and money, protects access points that may previously have been uncontrolled and, most importantly, protects valuable corporate and personal data.