Cloud Security: Developing a Secure Cloud Approach

Executive summary

Businesses are facing IT and data management challenges unlike those they’ve ever experienced. Big data and the globalisation of the business landscape, coupled with increased time-to-market pressures and budget restrictions, have resulted in ad hoc infrastructure buildouts and high levels of complexity. This hampers the IT organisation’s ability to function efficiently. The cloud has become a perceived panacea for all these problems, but the journey to the cloud isn’t one that should be undertaken lightly. There are many potential pitfalls along the road, the most prominent of which is security.

Gartner analyst Jeffrey Wheatman comments in a recent research note that: “Security requirements and drivers in the cloud are different from those in traditional data center environments… The dynamic nature of the cloud, coupled with the lack of customer ownership of infrastructure and limited transparency, has essentially broken traditional security models and architectures.”* 

This paper examines the differences between cloud and on-premise security requirements and discusses what organisations should consider to securely and confidently make the shift to the cloud.

Cloud breaks the traditional security model

As enterprise networking technology has evolved, so too have the requirements for enterprise security. What began simply as setting up a perimeter around the network using security tools like firewalls and e-mail gateways has evolved to the deployment of a wide range of tools. These include virtual private networks (VPNs) and intrusion detection systems (IDS) needed to handle the continuously growing number of threats to the network. For many IT departments, the idea of moving this established infrastructure into the cloud is a daunting proposition. Although the cost and scalability benefits of the cloud are appealing, the perceived lack of security and control has prevented organisations from taking the plunge.

Download Full Whitepaper: Cloud Security: Developing a Secure Cloud Approach