Perimeters Still Need to Provide Protection in the Cloud
Today’s data center looks very different than it used to. Many times, there isn’t a data center at all. Security strategies need to match this new design and provide comprehensive protection to endpoints both within and without the data center, as well as the network links that connect the resources. Is your cybersecurity solution up to the challenge?
Despite the hard-to-find perimeter, perimeter protection remains critical for securing IT resources. The modern perimeter needs to:
Restrict access to resources
Firewalls are still an important control for managing access to systems and data. Cloud configurations are another important control, and one you need to pay particular attention to, as the default configurations provided by cloud vendors may make access public where it should be private.
Verify user identities
A properly configured cloud resource that is accessible according to firewall rules needs to ensure that the user attempting access is authorized. No matter how complex your environment, the ideal to strive for is a single identity for each user, with multifactor authentication used to confirm identity and analytics used to identify potentially suspicious behavior.
Provide secure connections within and without the cloud
Clouds don’t exist in isolation; by definition they connect to on-premises users, and most will connect to remote users and remote systems, as well. Every link and every API needs to be secured and encrypted, and these security measures need to have minimal impact on performance.
Encrypted traffic adds security, except when it conceals threats. Achieving security requires being able to examine all data once it’s reached your threshold. In addition, you need to be able to identify all the services your employees are using, even the ones that haven’t received the corporate gold seal of approval.
Sideline suspicious traffic
If there’s any question about the legitimacy of traffic, it needs to be directed to a sandbox for further investigation, rather than being passed through.
Above all, be consistent.
It only takes one weak point to allow a breach to occur. Security policies and procedures need to be distributed and applied consistently across the entire perimeter. With internet of things endpoints that are nearly invisible and difficult to manage, consistency is a very difficult virtue to achieve.
Build a security strategy that copes with the expanding perimeter that comes with the cloud. Prescient Solutions experts help you leverage your existing security tools and implement new ones to meet the challenges of today’s new architectures. Contact us to learn more about how to keep your data safe when it doesn’t live in your data center.