Following last week’s news that Google is now rolling out several new cloud security services, Chris Morales, head of security analytics at Vectra, has put together some commentary looking at what primary security concerns enterprises have as they move more workloads and data to the cloud as well as what the current state of security looks like in the cloud.
Chris Morales, Head of Security Analytics at Vectra:
“I think the biggest problem facing the cloud is ensuring only the right people have access to data stored in cloud workloads. Inside the confines of the enterprise network, misconfigured systems and applications aren’t as susceptible to compromise because there are already other internal controls limiting external access, but even then, these systems are easily compromised by attackers who infiltrate the network. In the cloud, a simple misconfiguration or exposure of system access means there are no defenses in place to stop someone from just taking everything. The potential for misconfiguration of access to cloud workloads is real, as evidenced by the Uber data breach among others.
Security has become a necessity and not a nice to have with all the big cloud vendors building out capabilities for authentication, control, and visibility. The cloud providers (Amazon, Microsoft, Google) have also started implementing better integration for third-party security vendors to enhance cloud security capabilities. For example, Microsoft has introduced a network virtual tap in Azure to enable the monitoring of all network traffic underlying cloud workloads. Vectra leverages the Azure virtual network tap to apply machine learning models to this network traffic to identify unwanted changes in system traffic that would indicate an attack in progress.
Any type of new services offered by the cloud vendors are useful, but there isn’t anything new being offered that was not already on offer by an existing vendor. There are entire markets built around web gateways, DDOS protection, and encryption key management. An evaluation would need to be performed to understand what benefits Google provides already well-established security vendors.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.