THANK YOU FOR SUBSCRIBING
Common Cloud Security Challenges
The public cloud has fundamentally altered the way businesses build, operate, and manage applications. Developers now have easy access to a wide range of cloud services
By
Apac CIOOutlook | Monday, December 27, 2021
Stay ahead of the industry with exclusive feature stories on the top companies, expert insights and the latest news delivered straight to your inbox. Subscribe today.
Security owners must change their mindset in order to help the business move quickly while remaining secure. Cloud security teams must strike a balance between giving developers what they need when they need it and enforcing security rules.
Fremont, CA: The public cloud has fundamentally altered the way businesses build, operate, and manage applications. Developers now have easy access to a wide range of cloud services, as well as tremendous flexibility in how each service can be configured to build complex, modern applications. This freedom to drive innovation, nevertheless, comes with its own set of cloud security risks.
Cloud security challenges
Shift Security Mindset from Blocking Teams to Building Guardrails
Security owners must change their mindset in order to help the business move quickly while remaining secure. Cloud security teams must strike a balance between giving developers what they need when they need it and enforcing security rules. To accomplish this, collaborate with an organization's Cloud Center of Excellence to develop a cloud governance program in which best practices are defined, socialized and action is taken when a policy or standard is violated.
Today's best security teams think like developers. They share code examples of the proper usage and create security guardrails to ensure no mistakes are made by accident. To aid in the adoption of cloud security policies, ensure that they are clearly defined and something that a developer could actually put into code. For example, if you have a policy requiring complex passwords, it is preferable to have a policy requiring passwords to be longer than 12 characters because a developer can incorporate this function into their code.
Security Change Management Can't Handle the Speed of the Cloud
DevOps has become a reality thanks to cloud computing, with developers executing hundreds of code changes each week. In the cloud, the traditional change management approach of meeting once a month to review the security impact of the new updates and changes does not work.
See Also: Business Management Review
