Cloud security: five considerations
April 2017, IT infrastructure, Cyber Security
By AJ Hartenberg, portfolio manager: data centre services at T-Systems South Africa.
Being well-armed for the barrage of emerging cyber threats is essential as you plot your journey to enterprise cloud services. Here are the five biggest cloud security considerations:  AJ Hartenberg.
1. Responsibility
Your cloud provider certainly has the responsibility to ensure top-notch security, at both a physical data centre level, and the protection of your data itself. But as a customer, you simply cannot shirk the overall responsibility – to select a secure cloud partner and platform, to ensure you comply with your industry’s data governance laws, and use the latest multi-factor authentication and encryption tools. Ultimately, legally speaking, the mandate of being the sole data trustee cannot be outsourced to your cloud provider.
2. Platform
Look at every aspect of the cloud platform you choose, such as the physical security systems used at the datacentres, the type of hypervisor that’s used to generate virtualised computing services, the APIs connecting services to each other, and more. Double-check that your cloud provider complies to local and international data security/privacy laws, as you conduct your thorough due diligence on their platform.
3. Network
Have you confirmed that your cloud provider can provide you with a secure online tunnel to its data centre? Have you vetted its data security controls, including the hashing of data? And is it conducting regular penetration tests on its network? These are certainly the kinds of questions you should be asking. Closer to home, you will need to evolve your own organisation’s local network to ensure that your network security operations are orchestrated to handle cloud migration.
4. Firewall
The latest advances firewall services can be found in Virtual Domains (VDOM) that segregate any unauthorised network traffic coming into your VLAN, leaving you with a clean, point-to-point connection to your cloud service provider. When used in combination with strong network security controls, the firewall is a powerful weapon in one’s arsenal of defence weapons.
5. Skills
As you build your cloud security capability, understand the most critical skills that are required (either in your in-house team or within the cloud service provider). Look at areas like compliance, risk management, data laws, communication, encryption, penetration testing, and network security. Conduct regular vulnerability assessments that include a skills matrix, to understand and address any gaps in expertise.
For more information contact T-Systems South Africa, +27 (0)11 254 7789, jane.wessels@t-systems.co.za
|
|
|
|
|
|
|
Further reading:
- Driving surveillance storage
July 2017, WD South Africa, Seagate Technology, CCTV, Surveillance & Remote Monitoring, IT infrastructure
Storage for surveillance is a necessity, but the right components can make all the difference in the total cost of ownership and reliability of the solution.
- Email is the weak link
July 2017, This Week's Editor's Pick, Cyber Security, Security Services & Risk Management
Email remains any firm’s most important business tool and 43-trillion emails are sent annually The problem with email is that it was not designed to be secure.
- A capsule of storage
July 2017, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure
Capsule offers enterprise-class hyper-converged platforms designed specifically for the video surveillance market.
- Biggest threat to industrial systems
July 2017, This Week's Editor's Pick, Cyber Security, Security Services & Risk Management, Industrial (Industry)
The biggest threat to industrial control systems since Stuxnet is Industroyer, a sophisticated and extremely dangerous malware designed to disrupt critical industrial processes.
- Universal control of power management systems
July 2017, IT infrastructure, Security Services & Risk Management
The Universal Controller is installed on a site and monitors power management systems 24x7, raising an alarm as soon as it detects something is out of the norm.
- Cybersecurity for access control
July 2017, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security, Asset Management, EAS, RFID
Farpointe provides cybersecurity vulnerability checklist for contactless cards and readers.
- Toshiba Mobile Zero Client
July 2017, This Week's Editor's Pick, IT infrastructure
A clientless solution that empowers staff to work on the move, while following all corporate security regulations.
- NVR storage for all projects
July 2017, IT infrastructure, Products
IndigoVision has a range of storage options for the surveillance industry available with Windows or Linux operating systems.
- USB to Fast Ethernet fibre adaptor
July 2017, Products, IT infrastructure
Use the Scorpion-USB Fast Ethernet Fibre Adapter to create an EMI-secure data connection between a USB port on a PC, laptop or tablet and a 100Mbps Ethernet fibre port on a switch.
- Cybersecurity at the edge
July 2017, ComNet , Products, IT infrastructure
The ComNet Port Guardian feature has the capability to physically disconnect a port if unauthorised access is detected.
- Storage for surveillance considerations
July 2017, Milestone Systems, CCTV, Surveillance & Remote Monitoring, IT infrastructure
Milestone Systems highlights three things to consider when you buy storage for video business systems.
- Taking the pain out of maintenance
June 2017, Integrated Solutions, IT infrastructure
Technologies that allow for predictive and preventative maintenance are not available to the mass market inside the security industry, but Naxian is changing this with its smart services offering.
|
|
