Social Network For Security Executives: Help Make Right Cyber Security Decisions
Securing a cloud environment requires, and offers a new approach to security: holistic Security Intelligence. Many organizations have dozens of different point products to address security concerns. For example, they may have a firewall from one vendor, identity management from another, and application scanning from a third. This creates a siloed approach to security. However, as attacks become both more complex and sophisticated, it has become a priority to look across all of these different products in order to identify and respond to threats. By reducing the number of point products in an environment and adopting a unified approach, organizations are gaining better insight into unknown threats while also managing continued security risks.
Whether deploying a traditional data center, or a cloud, organizations must protect the infrastructure and applications while monitoring and controlling access to all resources. This security must be accomplished in a way that meets industry regulatory and compliance standards. Organizations must be able to protect against both known and unknown threats across all of these elements of the computing environment.
6 Key Principals for creating a Secure Cloud
Keep Data Secure Regardless of the Deployment Model. A successful cloud data management strategy allows an organization to know where data is located and who has accessed that data. Often this data is not static, it will change and move based on business transactions. In addition, data must remain secure whether it’s being accessed in the office or from a mobile device. All of this data must be backed up in a reliable and secure manner.
Ensure Compliance within a Hybrid Computing Model. Compliance and regulatory requirements are quickly evolving and organizations are struggling to stay current. Many industries require compliance with specific
regulations related to protection of customer and corporate data.
Prepare for Advanced Persistent Threats (APTs). APTs are ongoing slow attacks that masquerade as ordinary activity and are typically not identified by traditional security technology. These sophisticated threats are becoming commonplace. Companies need to be able to anticipate these threats so they can be stopped before they cause significant damage.
(Read more: 7 Key Lessons from the LinkedIn Breach)