@CloudExpo Authors: Pat Romanski, Yeshim Deniz, Zakia Bouachraoui, Liz McMillan, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security, @DXWorldExpo

@CloudExpo: Blog Feed Post

Data Everywhere – Distributed Data Security in the Cloud

Distributed data security is the reality of modern business

Securing your data used to be simpler (if not necessarily easy). You had IT infrastructure in your data center. You adopted security controls at all levels – from physical security, controlling who could enter the facility, up through the network and system, and application layers. IT security looked a lot like perimeter security in a building – the valuables are inside, the attackers are outside, so you have good walls and strong locks and monitor what passes through.

The cloud explodes this model. Today, your data is in your own facility, at a managed hosting provider’s data center, and at your cloud provider. And while you’ve got a specific set of servers and network connections at the hosting provider – you can even go see your servers if you want to! – in the cloud you’ve got virtual machines that vary in number and location within the cloud environment. In a dynamic, autoscaling cloud the number of VMs you’re using may change hour to hour. And wait, there’s more – your employees, customers, and partners are accessing that data not just on IT-approved workstations but on iPads, Android phones, and probably Google Glass before long with the rise of BYOD.

Distributed data security

Distributed data security is the reality of modern business. But with so many data inputs and habitats, how should you approach security best practices?

So how do you go about ensuring distributed data security in the variety of places the data lives, not all of which are under your total control? This means thinking not about securing your perimeter, but utilizing security technologies that follow your data. Let’s look at some examples of what this means.

Let’s look at your physical security. The service providers taking care of your hosting and cloud infrastructure need to have solid processes in place to keep intruders away from the hardware that holds your data – you should ask them about it. (A good provider will welcome the question.) Your responsibility extends beyond your own facilities.

What about network traffic? The traditional way of monitoring network traffic for attackers meant monitoring the traffic at your switches. Cloud network security monitoring means being able to monitor traffic on virtual machines – even as they spin up in response to sudden demand.

How about log data? Capturing, analyzing and storing logs is a basic security practice – does your log solution capture logs on the cloud?

There’s another wrinkle to this. Capturing all that security data from one environment produced enough challenges – you’ve got to correlate it to find the meaning in all the data, leading many organizations to attempt to implement SIEM (often with more headaches than results) or offload the work to an MSSP. Now you’ve got data across multiple environments – and to really understand your security posture, you’ve got to analyze that data as a whole, not in separate buckets. That means that your security technologies have to all be cloud-aware and able to work with the data coming from everything from an in-house data center to the cloud.

Given that, there are a couple of key principles to keep in mind when looking at security solutions to protect your data in the cloud:

  1. Look for cloud-native technologies that can handle the rapid scaling of cloud environments – this means not just that they are deployable in the cloud, but they can scale just like the cloud.
  2. Talk to your cloud hosting provider. Item 1 will require some level of integration with your cloud environment, so you cloud provider should be a trusted partner in identifying security technologies that give you the protection you need.
  3. Think globally. If you wind up with separate security buckets for cloud, managed hosting, and on-premises infrastructure, you’ll be left with the challenge of piecing it all together and you’re not likely to get the outcomes you want.

Like the cloud itself, security in the cloud is a game changer. The good news: it presents an opportunity to get some of the same flexibility and efficiency in your security spend that make cloud infrastructure so good for your business.

By Jake Gardner

Read the original blog entry...

More Stories By Gathering Clouds

Cloud computing news, information, and insights. Powered by Logicworks.

CloudEXPO Stories
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or personal computing needs.
All in Mobile is a place where we continually maximize their impact by fostering understanding, empathy, insights, creativity and joy. They believe that a truly useful and desirable mobile app doesn't need the brightest idea or the most advanced technology. A great product begins with understanding people. It's easy to think that customers will love your app, but can you justify it? They make sure your final app is something that users truly want and need. The only way to do this is by researching target group and involving users in the designing process.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to advisory roles at startups. He has worked extensively on monetization, SAAS, IoT, ecosystems, partnerships and accelerating growth in new business initiatives.
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like "How is my application doing" but no idea how to get a proper answer.
DXWorldEXPO LLC announced today that Big Data Federation to Exhibit at the 22nd International CloudEXPO, colocated with DevOpsSUMMIT and DXWorldEXPO, November 12-13, 2018 in New York City. Big Data Federation, Inc. develops and applies artificial intelligence to predict financial and economic events that matter. The company uncovers patterns and precise drivers of performance and outcomes with the aid of machine-learning algorithms, big data, and fundamental analysis. Their products are deployed by some of the world's largest financial institutions. The company develops and applies innovative machine-learning technologies to big data to predict financial, economic, and world events. The team is a group of passionate technologists, mathematicians, data scientists and programmers in Silicon Valley with over 100 patents to their names. Big Data Federation was incorporated in 2015 and is ...