Cloud Security


In the past, data was controlled mostly by IT and stored inside a protected perimeter.  Remote access to the data was permission-based and almost always through a VPN.  Threats were focused on the network and endpoint.  With a defined perimeter IT was able to tightly control access.  However, with the mix of Hybrid, SAAS, IAAS and PAAS, controls now need to span from on-prem, to cloud and potentially a mix of them.  With access to corporate cloud resources now increasing outside the firewall via remote/BYOD there is a need to ensure security controls follow virtual applications traversing hybrid cloud platforms, how do we see user activity on cloud environments, how do we broker user sessions, how do we control downloading to personal devices and more.


Many organizations are now looking at cloud as an alternative to running some or all applications on-premise; with some having a cloud-first approach when on-boarding new apps.   For some company boards or C-level execs, it can be to simply look at the finances involved in running a service to decide on whether it makes financial sense to move.  What is lacking in most cases is how these cloud services, be they Hybrid, SAAS, IAAS or PAAS can be automated or managed from a centralized, corporate level with control and governance.  Many cloud services have their own in-built tools to manage access but how do these align with corporate policy, especially if I.T. have no visibility of some of the apps in use, i.e. shadow-I.T..  How do we manage the user access, how do we control the flow of inappropriate or sensitive data, how do we ensure corporate policy is aligned to, how do we ensure corporate approved tools are used and most importantly how do we enforce policies specifying that your data never leaves your environments?  These are just some of the questions that need to be considered when introducing cloud into an organization.


There are many elements that can offer better protection when using Cloud services, global policy controls that ensure security posture follows virtual workloads even if they traverse onto public cloud platforms,  portability of those workloads back in-house if needed, getting visibility of non-Sanctioned or non-IT controlled cloud apps, how to ensure IP, Trade Secrets, Customer or PII data do not reside in unsanctioned areas, ensuring proper configuration of Azure, AWS and Google Cloud ensuring no unintentional exposure to sensitive data takes place, and cloud access security brokering are all elements we can assist with.


To find out how our unique approach to Security can protect your business contact us today!