Strategies
May 07, 2020

Is the Cloud Safe? Thinking About the Cloud Through a Security Lens

1 min. read
By Raymond Pompon

Back in the day, the theft and loss of backup tapes and laptops were the primary causes of data breaches. That all changed when systems were redesigned and data at rest was encrypted on portable devices. Not only did we use technology to mitigate a predictable human problem, we also increased the tolerance of failure.

A single lapse, such as leaving a laptop in a car, doesn’t have to compromise an organisation’s data. We need the same level of failure tolerance, with access controls and IT security, in the cloud.

In the cloud, all infrastructure is virtualised and runs as software. Services and servers are not fixed but can shrink, grow, appear, disappear, and transform in the blink of an eye. Cloud services aren’t the same as those anchored on-premises. For example, AWS S3 buckets have characteristics of both file shares and web servers, but they are something else entirely.

Practices differ too. You don’t patch cloud servers – they are replaced with the new software versions. There is also a distinction between the credentials used by an operational instance (like a virtual computer), and those that are accessible by that instance (the services it can call).

Cloud computing requires a distinct way of thinking about IT infrastructure.

Read the full article published March 17, 2020 here: https://datacentrereview.com/content-library/opinion/1602-is-the-cloud-safe-thinking-about-the-cloud-through-a-security-lens by DCR.

Need-to-Know

Expertly picked stories on threat intelligence

Hundreds of apps will be attacked by the time you read this.

So, we get to work. We obsess over effective attack methods. We monitor the growth of IoT and its evolving threats. We dive deep into the latest crypto-mining campaigns. We analyze banking Trojan targets. We dissect exploits. We hunt for the latest malware. And then our team of experts share it all with you. For more than 20 years, F5 has been leading the app delivery space. With our experience, we are passionate about educating the security community-providing the intel you need to stay informed so your apps can stay safe.

Every

9 hrs

a critical vulnerability—with the potential for remote code execution—is released.