One of the greatest draws of cloud computing is the promise of greater security. Cloud service providers typically have greater expertise and budget to dedicate to securing their services than customers.
However, contrary to the expectations of many, the burden of securing cloud environments does not lie solely with your cloud providers. Responsibility for the user access, data and application layers typically remain with the customer. The shared responsibilities model outlined in terms of service not only reveal the customer's obligation to share the load, but also reflect the modern cloud security strategy we should all be following.
The proliferation of remote working and the growth of cloud have meant the gradual and inevitable erosion of the traditional security perimeter. With that, we've had to pivot to more holistic approaches to securing our organisations - better cyber hygiene, cloud-based security tools, and MFA.
However, one often neglected aspect of cloud security strategy is the shared responsibility model. To be effective, cyber security must be multi-layered, with each layer covering possible gaps in the others. If the shared responsibilities are not well understood, the potential consequences are obvious.
Join us for a Computing webinar on 27 January during which we will be considering research into the shared responsibility model for cloud security today and the degree to which IT leaders are aware of what they should be doing to ensure the secure use of their multi- and hybrid-cloud environments. This includes the configuration of access permissions (at the user access, data, and application levels), cloud governance, and the use of automated administration and security. We will address all this within the complex and challenging security context organisations are operating under, including increasing IT workloads and tool sprawl hurdles.
Modern data management requires a nuanced approach that combines private and public cloud and on-premises environments with training to increase security posture
Charles Ewen, CIO of the Met Office, tells Computing that its new supercomputer, which will be supported by Microsoft, will bring £13.7 billion of economic benefit to the UK
Kubernetes, multi-cloud and open source technologies are all key ingredients, says head of compute infrastructure Andrey Rybka
The use of containers and open source virtualisation without relying on VMware could disrupt the HCI market
Keep it simple, advises David Keigher