How to Win the Cloud Security Game by Balancing Risk with Agility
The cloud is changing the way organisations around the world do I.T. Attracted by lower costs, improved efficiency and faster development and deployment times for apps, users everywhere are migrating to this new computing model in droves, with or without the blessing of I.T. Yet security is a top concern due to the loss of control of a physical infrastructure.
The challenge of balancing that greater business agility with security risk while keeping costs down is not an easy job. But it’s one that cloud managers will have to confront to be successful. And just like in a game of football, a winning strategy must be built on solid defence.
To articulate the challenges of cloud security, Trend Micro recently commissioned Forrester Consulting to survey I.T. professionals tasked with public cloud security projects. 70 percent said the public cloud was an integral part of the product or service they offered to customers.
It’s no surprise that security was a concern to three-quarters (76 percent) of them. In the public cloud, security is a shared responsibility. The cloud service provider will secure up to the hypervisor (including data centre and infrastructure), while the customer must take care of securing the OS, apps, users and data.
When determining how to best augment the secure infrastructure of their cloud provider, cloud managers should start by considering three aspects:
- Time to value – This is all-important to developers. It’s why two of the top three barriers to adopting best practice cloud security were given as “too time intensive” (43 percent) and “would slow down cloud usage” (36 percent). Forrester believes cloud resources must be made available in under 15 minutes, automated and out of sight, or developers may look to circumvent IT controls.
- Security risks – Cutting down on security in order to speed time to value will expose organisations to the risk of a data breach, including the financial penalties, damage to brand, legal costs, and consumer trust issues this could bring. Adding protection like data encryption, monitoring and logging, intrusion detection/prevention and patch management and other controls to cloud workloads provides multi-layered protection that reduces security risks.
- Cost – Applying maximum levels of security to every workload will drive up cost unnecessarily, impacting one of the main reasons of migrating to the cloud. It could also force developers to bypass security. But if you don’t add enough security, you become an easy target for hackers, leading to expensive data breaches. It’s a delicate balance.
Deep Security for the win!
Forrester believes the answer lies with security solutions offering pre-made templates with different levels of security to match the needs of individual workloads:
Optimal cloud security controls would be:
- Automated: so when a developer launches a workload, it is automatically protected.
- Personalized: with policies that fit the workload type, sensitivity and regulatory context.
- Pre-built in a template: so the developer doesn’t have to know what the right security is for their workloads.
With Trend Micro Deep Security, we believe we have the best solution: enabling automated, comprehensive security that won’t get in your way. What’s more, Deep Security can protect your entire organisation – across physical, virtual and cloud environments and includes comprehensive protection in a single product and agent. Making management easier and lowering costs.
Contact our sales team today on 0118 9898 222 to find out more about Trend Micro Security Solutions.