By David Brossard for CloudPOST
Today, it is imperative for businesses to increase scalability and enable collaboration among development teams to help solve complex challenges, all while cutting down on IT business costs. To accomplish this daunting task, more and more organizations are shifting their entire IT infrastructure to the cloud and adopting a “cloud everything” approach.
The benefits of moving to a cloud infrastructure cannot be understated, but just like any other business initiative, there will be challenges along the way. One of the most common challenges organizations face is cloud security. Cloud services typically provide built-in security features like Identity and Access Management (IAM) to help control access to infrastructure and Platform as a service (PaaS) services, but often times the security of transactions and data handled in the cloud are overlooked.
Cloud Services Require Additional Security
Cloud providers generally don’t offer the level of control and security needed to leverage data in the cloud while also keeping critical data secure. Security products that have emerged to protect the cloud tend to focus on the security of the infrastructure and containers rather than the security of the transactions or, in this case, the data. Companies like Amazon and Google both have an “IAM” strategy that is all about authorizing administrators to spin up/down servers, databases, containers, etc., but they tend to focus on the infrastructure rather than the data or information consumers store inside, and they use the same legacy identity/role/group-based approach to authorization, which is too coarse-grained.