Managing the Dynamic Datacenter

Datacenter Automation

Subscribe to Datacenter Automation: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Datacenter Automation: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Datacenter Automation Authors: Liz McMillan, Elizabeth White, Allwyn Sequeira, Greg Schulz, James Carlini

Related Topics: Cloud Computing, Security Journal, Datacenter Automation

Article

Hybrid Cloud Security | @CloudExpo #API #AI #Cloud #Security #Cybersecurity

Security challenges unique to the cloud

Part 2: What You Need to Know About Hybrid Cloud Security

In the first article of this three-part series on hybrid cloud security, we discussed the Shared Responsibility Model and examined how the most common attack strategies persist, are amplified, or are mitigated as assets move from data centers to the cloud. Today, we'll look at some of the unique security challenges that are introduced by public cloud environments.

While cloud computing delivers many operational, cost-saving and security benefits, it takes place in a public, shared and on-demand environment, which creates a new set of security challenges for organizations. Because cloud computing infrastructure is also dynamic and scalable, it changes more frequently and further complicates the security monitoring process.

Because of these factors, many legacy security monitoring tools that were built for the data center cannot be adapted for cloud monitoring, and their security functions may not align with the unique capabilities and limitations of cloud environments. In short, such tools may not be able to effectively address cloud security risks.

In our hybrid cloud world, we must evaluate our security requirements and goals for on-premises, private cloud and public cloud infrastructures so we can identify and deploy security and threat management solutions that will safeguard all environments without unnecessary costs or complexity. In this article, we'll also share some tips and best practices that can help keep your organization - and its business-critical data - safe in the cloud.

Protecting the Keys to Your Kingdom
As mentioned in part one of this series, access keys and root account credentials are the proverbial "keys to your kingdom," and, as such, are a major security concern in public cloud environments. If these credentials are not properly secured and your credentials are compromised, malicious actors can gain access to and control over your cloud environment.

Once they are inside the account, they can steal data and run malicious software on your systems. They can also easily spin up cloud resources indefinitely (to mine bitcoins, for example), leaving you with an enormous bill. There's no parallel for this type of attack in an on-premises environment since the resources in your data center are likely owned, static and finite.

At this point, you're probably thinking: "Well, isn't this an easy fix? I'll just make sure to avoid publicly sharing my root account credentials." However, it's not quite that simple. There have been numerous incidents over the past few years where web developers and even security industry analysts have accidently published Amazon Web Services (AWS) access keys to GitHub or other public locations, resulting in a spate of fraudulent charges. Although the cloud service providers in such cases often come to the rescue to notify victims of fraudulent activity and remediate charges, it's important to remember that it is ultimately your responsibility (remember the Shared Responsibility Model!) to keep your credentials and access keys secure.

What can be done? A good first step is to hide your keys, but this measure alone is not enough. You also need to constantly monitor your cloud environment for suspicious root account logins, changes in security policies and privileges, and other anomalous events. A cloud-native security information and event management (SIEM) solution can be a tremendous asset here, as it enables granular security monitoring and analysis of cloud activities by integrating directly into your cloud environment.

Managing Cloud User Activities
The public nature of the cloud lends itself to a greater number of unsanctioned or "shadow IT" projects and IT decentralization - whether intentional or unintentional. In fact, a recent Cisco report found that "companies are using up to 15 times more cloud services to store critical company data than CIOs were aware of or had authorized."

To ensure the success of cloud security management, therefore, it's essential to know who is using your cloud resources (both users and services) and what they are doing. This will help you identify the account activities that constitute normal or acceptable user behavior so you can quickly investigate any anomalies and irregularities that occur. Here are a few best practices to help you in this endeavor:

  • Cloud accounts offer multiple methods and tools to optimize identity and access management (IAM) and protect users from threats such as phishing attacks - use them. These controls include creating role-based permission groups and enforcing multi-factor authentication policies for your users and APIs.
  • Cloud service providers also offer services that enable you to monitor environmental activities and changes. With a cloud-native SIEM solution that has direct hooks into these services' APIs, you can readily monitor this data and perform security analysis in correlation with other data sources and threat intelligence.
  • As with on-premises security management, it's important to employ the principle of least privilege in your cloud environment. While this is a seemingly obvious practice - giving users only the absolute minimum level of access they need to do their jobs - it can be slowly chipped away, as admins and developers ask for small exceptions over time. An important secondary best practice is to regularly review access rights and privileges to ensure that the controls in place are still appropriate for users.

Navigating Blind Spots
One of the biggest benefits associated with cloud computing and Infrastructure as a Service (IaaS) is that it can help reduce total cost of ownership (TCO), as companies no longer have to manage the capital and operational expenses of maintaining their infrastructure. However, the flip-side of this is that relinquishing responsibility for the underlying network infrastructure also means that companies often lose deep network traffic visibility.

Earlier I made reference to the Shared Responsibility Model. This is a security model put in place by the IaaS vendors that separates the responsibility "of the cloud" with security "in the cloud." Effectively, IaaS providers are responsible for implementing security measures to ensure that the cloud infrastructure is secure. This includes the physical infrastructure, along with compute, storage, database and networking. Everything above this layer, from client-side and server-side encryption to the operating system, firewall, platform, applications, access and data, are all the responsibility of the user. It is because of this separation that, within dynamic cloud environments, it's no longer feasible to drop a passive tap or SPAN port on the wire to monitor traffic and detect threats as you could in an on-premises network. Clearly, a new approach is needed to provide similar visibility into cloud environments.

You need to find ways to navigate the unique security blind spots of the cloud to get a complete picture of your risk posture, and this entails a paradigm shift around cloud security monitoring. With this thought, I will leave you to ponder the concept in question, until we return to this point in the third and final installment in this series.

Our Top 100 Sponsors and the Leading "Digital Transformation" Companies

(ISC)2, 24Notion (Bronze Sponsor), 910Telecom, Accelertite (Gold Sponsor), Addteq, Adobe (Bronze Sponsor), Aeroybyte, Alert Logic, Anexia, AppNeta, Avere Systems, BMC Software (Silver Sponsor), Bsquare Corporation (Silver Sponsor), BZ Media (Media Sponsor), Catchpoint Systems (Silver Sponsor), CDS Global Cloud, Cemware, Chetu Inc., China Unicom, Cloud Raxak, CloudBerry (Media Sponsor), Cloudbric, Coalfire Systems, CollabNet, Inc. (Silver Sponsor), Column Technologies, Commvault (Bronze Sponsor), Connect2.me, ContentMX (Bronze Sponsor), CrowdReviews (Media Sponsor) CyberTrend (Media Sponsor), DataCenterDynamics (Media Sponsor), Delaplex, DICE (Bronze Sponsor), EastBanc Technologies, eCube Systems, Embotics, Enzu Inc., Ericsson (Gold Sponsor), FalconStor, Formation Data Systems, Fusion, Hanu Software, HGST, Inc. (Bronze Sponsor), Hitrons Solutions, IBM BlueBox, IBM Bluemix, IBM Cloud (Platinum Sponsor), IBM Cloud Data Services/Cloudant (Platinum Sponsor), IBM DevOps (Platinum Sponsor), iDevices, Industrial Internet of Things Consortium (Association Sponsor), Impinger Technologies, Interface Masters, Intel (Keynote Sponsor), Interoute (Bronze Sponsor), IQP Corporation, Isomorphic Software, Japan IoT Consortium, Kintone Corporation (Bronze Sponsor), LeaseWeb USA, LinearHub, MangoApps, MathFreeOn, Men & Mice, MobiDev, New Relic, Inc. (Bronze Sponsor), New York Times, Niagara Networks, Numerex, NVIDIA Corporation (AI Session Sponsor), Object Management Group (Association Sponsor), On The Avenue Marketing, Oracle MySQL, Peak10, Inc., Penta Security, Plasma Corporation, Pulzze Systems, Pythian (Bronze Sponsor), Cosmos, RackN, ReadyTalk (Silver Sponsor), Roma Software, Roundee.io, Secure Channels Inc., SD Times (Media Sponsor), SoftLayer (Platinum Sponsor), SoftNet Solutions, Solinea Inc., SpeedyCloud, SSLGURU LLC, StarNet, Stratoscale, Streamliner, SuperAdmins, TechTarget (Media Sponsor), TelecomReseller (Media Sponsor), Tintri (Welcome Reception Sponsor), TMCnet (Media Sponsor), Transparent Cloud Computing Consortium, Veeam, Venafi, Violin Memory, VAI Software, Zerto

20th International Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world.

Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS - software, platform, and infrastructure as a service.

Download Show Prospectus ▸ Here

Cloud Expo is the single show where delegates and technology vendors can meet to experience and discuss the entire world of the cloud.

Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "Cloud-Ready" as it can be!

Sponsors of Cloud Expo will benefit from unmatched branding, profile building and lead generation opportunities through:

  • Featured on-site presentation and ongoing on-demand webcast exposure to a captive audience of industry decision-makers.
  • Showcase exhibition during our new extended dedicated expo hours
  • Breakout Session Priority scheduling for Sponsors that have been guaranteed a 35-minute technical session
  • Online advertising in SYS-CON's i-Technology Publications
  • Capitalize on our Comprehensive Marketing efforts leading up to the show with print mailings, e-newsletters and extensive online media coverage.
  • Unprecedented PR Coverage: Editorial Coverage on Cloud Computing Journal
  • Tweetup to over 75,000 plus followers
  • Press releases sent on major wire services to over 500 industry analysts.

For more information on sponsorship, exhibit, and keynote opportunities, contact Carmen Gonzalez by email at events (at) sys-con.com, or by phone 201 802-3021.

The World's Largest "Cloud Digital Transformation" Event

@CloudExpo / @ThingsExpo 2017 New York 
(June 6-8, 2017, Javits Center, Manhattan)

@CloudExpo / @ThingsExpo 2017 Silicon Valley
(Oct. 31 - Nov. 2, 2017, Santa Clara Convention Center, CA)

Full Conference Registration Gold Pass and Exhibit Hall ▸ Here

Register For @CloudExpo ▸ Here via EventBrite

Register For @ThingsExpo ▸ Here via EventBrite

Register For @DevOpsSummit ▸ Here via EventBrite

Sponsorship Opportunities

Sponsors of Cloud Expo @ThingsExpo will benefit from unmatched branding, profile building and lead generation opportunities through:

  • Featured on-site presentation and ongoing on-demand webcast exposure to a captive audience of industry decision-makers
  • Showcase exhibition during our new extended dedicated expo hours
  • Breakout Session Priority scheduling for Sponsors that have been guaranteed a 35 minute technical session
  • Online targeted advertising in SYS-CON's i-Technology Publications
  • Capitalize on our Comprehensive Marketing efforts leading up to the show with print mailings, e-newsletters and extensive online media coverage
  • Unprecedented Marketing Coverage: Editorial Coverage on ITweetup to over 100,000 plus followers, press releases sent on major wire services to over 500 industry analysts

For more information on sponsorship, exhibit, and keynote opportunities, contact Carmen Gonzalez (@GonzalezCarmen) today by email at events (at) sys-con.com, or by phone 201 802-3021.

Secrets of Sponsors and Exhibitors ▸ Here
Secrets of Cloud Expo Speakers ▸ Here

All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.

With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo@ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.

Track 1. FinTech
Track 2. Enterprise Cloud | Digital Transformation
Track 3. DevOps, Containers & Microservices 
Track 4. Big Data | Analytics
Track 5. Industrial IoT
Track 6. IoT Dev & Deploy | Mobility
Track 7. APIs | Cloud Security
Track 8. AI | ML | DL | Cognitive Computing

Delegates to Cloud Expo @ThingsExpo will be able to attend 8 simultaneous, information-packed education tracks.

There are over 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.

Join Cloud Expo @ThingsExpo conference chair Roger Strukhoff (@IoT2040), June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA for three days of intense Enterprise Cloud and 'Digital Transformation' discussion and focus, including Big Data's indispensable role in IoT, Smart Grids and (IIoT) Industrial Internet of Things, Wearables and Consumer IoT, as well as (new) Digital Transformation in Vertical Markets.

Financial Technology - or FinTech - Is Now Part of the @CloudExpo Program!

Accordingly, attendees at the upcoming 20th Cloud Expo @ThingsExpo June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA will find fresh new content in a new track called FinTech, which will incorporate machine learning, artificial intelligence, deep learning, and blockchain into one track.

Financial enterprises in New York City, London, Singapore, and other world financial capitals are embracing a new generation of smart, automated FinTech that eliminates many cumbersome, slow, and expensive intermediate processes from their businesses.

FinTech brings efficiency as well as the ability to deliver new services and a much improved customer experience throughout the global financial services industry. FinTech is a natural fit with cloud computing, as new services are quickly developed, deployed, and scaled on public, private, and hybrid clouds.

More than US$20 billion in venture capital is being invested in FinTech this year. @CloudExpo is pleased to bring you the latest FinTech developments as an integral part of our program, starting at the 20th International Cloud Expo June 6-8, 2017 in New York City and October 31 - November 2, 2017 in Silicon Valley.

@CloudExpo is accepting submissions for this new track, so please visit www.CloudComputingExpo.com for the latest information.

Speaking Opportunities

The upcoming 20th International @CloudExpo@ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA announces that its Call For Papers for speaking opportunities is open.

Submit your speaking proposal today! ▸ Here

Our Top 100 Sponsors and the Leading "Digital Transformation" Companies

(ISC)2, 24Notion (Bronze Sponsor), 910Telecom, Accelertite (Gold Sponsor), Addteq, Adobe (Bronze Sponsor), Aeroybyte, Alert Logic, Anexia, AppNeta, Avere Systems, BMC Software (Silver Sponsor), Bsquare Corporation (Silver Sponsor), BZ Media (Media Sponsor), Catchpoint Systems (Silver Sponsor), CDS Global Cloud, Cemware, Chetu Inc., China Unicom, Cloud Raxak, CloudBerry (Media Sponsor), Cloudbric, Coalfire Systems, CollabNet, Inc. (Silver Sponsor), Column Technologies, Commvault (Bronze Sponsor), Connect2.me, ContentMX (Bronze Sponsor), CrowdReviews (Media Sponsor) CyberTrend (Media Sponsor), DataCenterDynamics (Media Sponsor), Delaplex, DICE (Bronze Sponsor), EastBanc Technologies, eCube Systems, Embotics, Enzu Inc., Ericsson (Gold Sponsor), FalconStor, Formation Data Systems, Fusion, Hanu Software, HGST, Inc. (Bronze Sponsor), Hitrons Solutions, IBM BlueBox, IBM Bluemix, IBM Cloud (Platinum Sponsor), IBM Cloud Data Services/Cloudant (Platinum Sponsor), IBM DevOps (Platinum Sponsor), iDevices, Industrial Internet of Things Consortium (Association Sponsor), Impinger Technologies, Interface Masters, Intel (Keynote Sponsor), Interoute (Bronze Sponsor), IQP Corporation, Isomorphic Software, Japan IoT Consortium, Kintone Corporation (Bronze Sponsor), LeaseWeb USA, LinearHub, MangoApps, MathFreeOn, Men & Mice, MobiDev, New Relic, Inc. (Bronze Sponsor), New York Times, Niagara Networks, Numerex, NVIDIA Corporation (AI Session Sponsor), Object Management Group (Association Sponsor), On The Avenue Marketing, Oracle MySQL, Peak10, Inc., Penta Security, Plasma Corporation, Pulzze Systems, Pythian (Bronze Sponsor), Cosmos, RackN, ReadyTalk (Silver Sponsor), Roma Software, Roundee.io, Secure Channels Inc., SD Times (Media Sponsor), SoftLayer (Platinum Sponsor), SoftNet Solutions, Solinea Inc., SpeedyCloud, SSLGURU LLC, StarNet, Stratoscale, Streamliner, SuperAdmins, TechTarget (Media Sponsor), TelecomReseller (Media Sponsor), Tintri (Welcome Reception Sponsor), TMCnet (Media Sponsor), Transparent Cloud Computing Consortium, Veeam, Venafi, Violin Memory, VAI Software, Zerto

About SYS-CON Media & Events
SYS-CON Media (www.sys-con.com) has since 1994 been connecting technology companies and customers through a comprehensive content stream - featuring over forty focused subject areas, from Cloud Computing to Web Security - interwoven with market-leading full-scale conferences produced by SYS-CON Events. The company's internationally recognized brands include among others Cloud Expo® (@CloudExpo), Big Data Expo® (@BigDataExpo), DevOps Summit (@DevOpsSummit), @ThingsExpo® (@ThingsExpo), Containers Expo (@ContainersExpo) and Microservices Expo (@MicroservicesE).

Cloud Expo®, Big Data Expo® and @ThingsExpo® are registered trademarks of Cloud Expo, Inc., a SYS-CON Events company.

More Stories By Jim Hansen

Jim Hansen is vice president of product marketing overseeing all of AlienVault's product development initiatives. He is responsible for providing strategic and tactical direction for the AlienVault Unified Security Management (USM) and Open Threat Exchange (OTX) product lines, as well as introducing new products into the marketplace.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.