Source of the image: xcluseiv
It has taken ten years for public cloud computing to become mainstream: cloud services are now at the center of the mobile-led consumer lifestyle and many enterprise CIO’s IT strategies. It’s impossible to ignore the fact that cloud is having a disruptive effect across the global corporate IT landscape and that CIOs are no longer just focusing on how to use the cloud as part of their strategy. Instead, they are also dealing with the ripple-effect changes it brings to the rest of their organization.
The cloud revolution, along with the growing media interest in high-profile security breaches, is pushing security to the fore and democratizing it at the same time – by bringing best-in-class security to everyone for the same price, for the first time in IT’s history.
In the future, and thanks to cloud, security will be for everyone. Accompanied by a variety of new security models.
Breaches Bring Security to the Fore
The past few years are scarred with the wounds from excruciatingly painful data breaches at household-name companies, across all sectors – from the government and the military, to retail and the financial heart of the economy.
Many of these breaches happened on non-cloud systems but they have raised the profile of security to DEFCON 1 levels within many companies. In such a climate of flashing-red warning lights and shrieking alarms, the concept of moving valuable data and applications out of the IT bunker and into a publicly-accessible cloud is still viewed by some as the equivalent of opening all the hatches on the boat in the middle of a Category 5 storm. Like most counter-intuitive ideas, however, it is the incorrect one for a number of reasons.
In the Future of Cloud, Security Is for Everyone
Today and in the future, public cloud service providers are (and need to be) the best-in-class at what they do and nowhere is this more true than with security. They need to have the best security engineers with the biggest budgets, and their potentially billions-of-dollars revenue stream is at risk if they are poor at security.
Thus, even the smallest cloud consumer in the world can now benefit from the best security in the world – because all of these cloud security features are available to everyone at the same price, on a pay-as-you-go basis. The future of cloud really does mean security for everyone.
Here’s what the public cloud leader, and now a $7.3bn business, Amazon Web Services (AWS), has to say about security :
“Security at AWS is job zero. All AWS customers benefit from a data center and network architecture built to satisfy the requirements of the most security-sensitive organizations.”
The list of security features available on a rental, pay-as-you-go basis from the leading cloud service providers is staggering – covering firewalls, application filters, DDOS protection, access management, key management, and much more. For an enterprise to replicate these features on-premise, it would take a very large amount of upfront and ongoing investment, and risk management, that the majority of executives would no longer want to support, even with the continued media frenzy over high-profile data breaches.
Whereas security was once a reason not to go to the cloud, in the future it will be the reason to do it wherever possible!
New Security Models Will Emerge
In the future of cloud, new standard approaches to cloud security such as zero-trust and borderless networks will come to the fore. Gone are the traditional attitudes that firewalls will keep the bad guys out of the illusionary pristine waters of the internal network; zero-trust networks and distributed security systems already understand that there are no perimeters and the bad guys are probably already in your network, or at least on their way to being there.
Also, cloud security isn’t just about the technology. Many of the front-page security-breach stories are the result of staff protocol issues, not network or application protocols. This will no doubt lead to security teams to increasingly leverage new cloud identity and access management innovations – to give them a “single view of the universe” and granular insight into, and control over, access of staff members to both on-premise and cloud assets. These new access and identity systems include ambient intelligence, which understands “what is normal?” for each user and can alert a midnight logon from a bunker in Afghanistan, say, as being abnormal.
Away from the users and inside the cloud, near the applications and the data, new distributed and software-defined network systems will elevate security as their number one reason for use. Instead of focusing on old-fashioned perimeter security, they will move the security choke points away from the perimeter to nearer the potentially thousands of corporate applications. And instead of focusing on “north-south” network traffic, they can inspect and enforce point-to-point network flows that go from “east-west.”