Every Cloud has a secure lining!
Moving to the Cloud. A lot of companies are taking their applications and data to a cloud environment. We must admit, it can be a very attractive move. It increases flexibility, scalability and mobility for example. And, it reduces power, hardware costs and more. But, moving your stuff from a highly secure vault to an open environment does no go without risk. In this blogpost, I want to stress the importance of a full Identity and Access Management Tool when using Software-as-a-Service (SaaS) or Infrastructure-as-a-Service (IaaS).
You only secure twice!
Moving your applications from your secure vault to an open cloud environment that is accessible to everyone, implies risks. Granting access based on a username and a password is passé.
Just think of shops for example, or even your own house. A simple lock with a key is not enough. Nowadays people use cameras and alarms to protect what is valuable. The same goes for that password and username. Technology has evolved big time, and hackers use it to their benefit! They have tools to test billions of passwords each second. Therefore, it is strongly advised to use a full Identity and Access Management (IAM) tool with Two Factor Authentication (2FA) or even multi-factor authentication.
Let’s get personal
No, we are not talking about your mother’s maiden name as a second security question. We are talking more personal stuff! Something the user possesses, or something biological: their smartphone, their fingerprint or even their face.
IAM tools easily enable Single Sign-On (SSO) and will give the end user the mobility they require while still providing a good user experience. And, on top of that, the IT department can easily manage access and decommission access to all SaaS tools when necessary.
I don’t have to tell you how much work it would take for the administrator to delete all access to these SaaS tools for one user that leaves the company. This administrator should be able to disable/delete an identity in one tool and it should be active everywhere.
IaaS: my datacenter is not your cloud?
When we talk to our customers, we notice a worrying tendency. They don’t seem to worry about their cloud security as much as they did with their own datacenter. So wrong! Cloud Security is your responsibility too!
Just think of your company email. This is one of the most-moved applications to the cloud. Still, studies show that email is one of the most-used attack vectors through phishing mails, CEO fraud, malicious attachments and so on.
It is hard to believe that organizations that used to deploy several security solutions in front of their email infrastructure when they were using their own datacenter; now no longer do this when working with a cloud environment. Do they really trust these solutions 100%? 100% security is never attainable! Also not in a cloud environment.
I hope I made it clear through this blogpost, that you should always build the same secure infrastructure in the cloud as you should in your own datacenter.
COMING UP: We will soon post a technical follow-up blog with more concrete examples