PETER KRASS, CONTRIBUTING WRITER
There's no doubt the cloud delivers a long list of valuable benefits. But it also makes security much more complex.
To learn more about cloud security challenges, and to hear how Illumio CloudSecure can help, we spoke recently with Erika Bagby, a senior product marketing manager at Illumio.
Why does cloud computing make cybersecurity more complex?
Erika Bagby: In the old, pre-cloud days, you knew where your perimeter was, and you knew how to keep it secure. But today we have a new paradigm. It’s a hybrid mix of on-premises and cloud, not to mention remote users dialing in from who knows where. In this cloud-native architecture, your perimeter has essentially dissolved.
Simply building a digital moat around your data center is no longer possible. This hybrid environment also makes security policy both challenging to create and difficult to enforce.
Many companies don't seem to be too worried about cloud security and believe cloud platforms address the issue. So, how big of a concern is cloud security?
Erika Bagby: Big. Hybrid and multi-cloud deployments make it difficult to see how your application workloads are behaving and communicating. That can leave major security gaps across your dispersed architectures. Cloud platform providers are not responsible for these sorts of issues.
And the need for comprehensive security defenses is greater than ever. Cybercriminals have become increasingly sophisticated, and their attacks have become increasingly dangerous and costly.
A recent survey found that 9 out of 10 organizations fear that a lack of cloud visibility is obscuring security threats. And an even greater number — 95 percent — said visibility problems had led to an application or network performance issue.
What makes cloud security so complex?
Erika Bagby: You're talking about containers, microservices and intelligent compute resources. By way of analogy, imagine a hotel where you could just snap your fingers, and each room would suddenly be able to serve a different function, can get as big or small as you need it, and do all this almost instantly.
Now you have this mix of architectures that operate on different premises, different paradigm models, and use different tools.
What we call the dissolved perimeter is the gap between one architecture and the next. And with this gap, consistently applying security policies is becoming increasingly difficult.
Application workloads are moving in and out of these environments, so getting visibility into how applications are communicating and understanding their dependencies is difficult. What are they communicating with? How are they behaving? What's connected to them? What's visible? What's not? What's exposed to the outside world? What's not?
It’s becoming difficult because you have a new model for enterprise networks, but you still have old processes, and traditional technologies that can't see into a cloud-native architecture.
You can't use old tools for this new way of computing: Today's networks are too diverse, dynamic and distributed.
And without the necessary unified visibility across your new hybrid digital infrastructure, your organization is at a dangerous disadvantage.
How can organizations mitigate the risks of cloud computing?
Erika Bagby: The first step in defending a highly heterogeneous and distributed environment is understanding what comprises it.
Comprehensive visibility across all application types, locations and endpoints is the first step but must be put in the context of risks from open ports, unnecessary communication between applications, and other factors.
So it goes back to visibility. Organizations need to see across public clouds, private clouds, and data centers. Otherwise, how can you protect what you can't see?
Visibility generates the confidence to adopt and migrate to the cloud, and that can only be accomplished with a mature Zero Trust practice in place.
At its core, the Zero Trust model calls for denying access to applications, resources and data by default and relies on three core principles: all entities are untrusted until verified, least privilege access is enforced, and comprehensive security monitoring is implemented.
The reality is that, according to Gartner, 95 percent of digital initiatives will be running on cloud-native architectures by 2025.
A mature Zero Trust practice is the enabler to faster adoption of the cloud, with an improved security posture that's consistent across all environments. And this is where Illumio CloudSecure comes in and how we help.
Don't cloud platform vendors like AWS and Microsoft Azure take responsibility for cloud security?
Erika Bagby: No, they don't. The model in their contracts is "shared responsibility," and rightly so.
It’s easy to think that because a cloud provider is giving us this big, beautiful castle, they can also put gates around it.
They give us what’s essentially a private estate, call it a virtual private cloud, and say, ‘This is all for you. Nobody can go into this environment except you.’
And it’s true, they’ve secured your virtual private cloud, but most attacks are internal, not external. So the old castle-and-moat idea of protecting the perimeter...that assumption needs to shift.
Often the biggest exposure comes from misconfigurations in the DevOps cycle, exposing password chains and sensitive data and putting them at risk. That’s because DevOps engineers are not always aligned with IT and security operations.
So it’s not the cloud service provider’s job to secure your applications or control what they do. That’s the job of your security team.
How does Illumio help organizations improve their approach to cloud security and improve their cyber resilience?
Erika Bagby: We pioneered new capabilities in cloud security with Illumio CloudSecure.
CloudSecure provides agentless, cloud-native application visibility with segmentation controls to accelerate an organization's path to Zero Trust security.
It offers unique help to our customers to help them understand what's at risk of being compromised by providing a comprehensive, unified view across application types, locations and endpoints.
With that visibility, CloudSecure makes it easy to consistently apply policy across clouds and on-premises workloads, helping reduce possible avenues for a cyberattack.
For security teams, CloudSecure delivers four big benefits:
- It gives you agentless visibility into your cloud-native applications and their real-time traffic flows.
- You get a consolidated view across your cloud providers and on-premises data centers.
- You can optimize your cloud-native security policies to implement Zero Trust.
- You can unify multiple cloud-tagging schemas into a single, common strategy, which helps you greatly simplify operations and efficiently manage your workloads.
Cloud computing and hybrid IT are clearly here to stay. Illumio CloudSecure provides the necessary Zero Trust security to keep organizations safe from modern cyber threats.
Visit Us at RSA Conference 2022
Interested in learning more about how your organization can build better cloud security?
Visit our booth (Moscone North, N-5555) and speak with our security experts. Learn how Illumio Zero Trust Segmentation can prevent cyber disasters by stopping breaches from spreading across your hybrid and multi-cloud infrastructure.
Illumio, the Zero Trust Segmentation company, prevents breaches from spreading and turning into cyber disasters. Illumio protects critical applications and valuable digital assets with proven segmentation technology purpose-built for the Zero Trust security model. Illumio ransomware mitigation and segmentation solutions see risk, isolate attacks, and secure data across cloud-native apps, hybrid and multi-clouds, data centers, and endpoints, enabling the world’s leading organizations to strengthen their cyber resiliency and reduce risk.