CLOUD SECURITY

This evolution is how we see customers journey to cloud journey starts with virtualizing IT production systems (e.g. active directory). The second phase involves virtualizing business critical applications….last phase is heavily virtualized, with efficiencies of scale and flexibility as IT is offered as a service. There are security considerations for each of these phases as described in each segment. When these requirements are met they cumulatively form the foundation for securely moving to the next stage in the journey.


Large enterprises today are for the most part between phase 1 and 2. And that is where there is some pause in the progression of virtualization and consideration for how to address compliance requirements and risk management. Phase 2 is where v1.0 of RSA’s solution for Cloud Security and Compliance address the challenges of VMware infrastructure risk and compliance.

CHALLENGES

  • Some on-premise Security solutions not well suited for the cloud
  • Ephemeral Nature of Cloud, Auto scaling and shut down
  • Just-in-time instantiation and installation
  • Efficiency and performance in case of virtualized environment
  • Different Solutions with different capabilities

Our Approach to Cloud Security Solution is:

  • Standardize Cloud deployment architecture keeping in mind the security requirements along with business needs. Map and define Security Requirement based on Risk and compliance needs
  • Document current Deployment scenarios and security base line for different deployment scenarios
  • Deploy currently available best of the breed solutions (not necessarily currently used Enterprise tools) to address the Cloud Security requirements
                 * Extend the Enterprise tools wherever possible (VPC environment)
                   * Cloud Specific Tools (Public Cloud environment)
                   * Select tool sets which can be uniformly deployed across Azure, AWS and Enterprise (later stage) to provide adequate coverage and consistent management (avoiding too many end point solutions)
  • Enhance Automation and Orchestration capabilities to address cloud’s ephemeral nature.
  • Bridge the current tool limitations/management overheads by design robust and efficient and cost-effective security management processes
    Adopt a phased wise approach to address and evolve the desired security posture

 

The Cloud Security is addressed by:

 

  • Consulting and Readiness: Assessment and Documentation, Security Requirement Baseline, Governance, Risk and Compliance
  • Transformation: Organization Requirement into Existing and New Tool Set, Security Solution Delivery and Integration Framework
  • Sustaining and Optimization: Security Changes on the Cloud Tools, Operations Efficiency, Monitor and Enhance