Cloud security: five considerations
April 2017, IT infrastructure, Cyber Security
Being well-armed for the barrage of emerging cyber threats is essential as you plot your journey to enterprise cloud services. Here are the five biggest cloud security considerations:
Your cloud provider certainly has the responsibility to ensure top-notch security, at both a physical data centre level, and the protection of your data itself. But as a customer, you simply cannot shirk the overall responsibility – to select a secure cloud partner and platform, to ensure you comply with your industry’s data governance laws, and use the latest multi-factor authentication and encryption tools. Ultimately, legally speaking, the mandate of being the sole data trustee cannot be outsourced to your cloud provider.
Look at every aspect of the cloud platform you choose, such as the physical security systems used at the datacentres, the type of hypervisor that’s used to generate virtualised computing services, the APIs connecting services to each other, and more. Double-check that your cloud provider complies to local and international data security/privacy laws, as you conduct your thorough due diligence on their platform.
Have you confirmed that your cloud provider can provide you with a secure online tunnel to its data centre? Have you vetted its data security controls, including the hashing of data? And is it conducting regular penetration tests on its network? These are certainly the kinds of questions you should be asking. Closer to home, you will need to evolve your own organisation’s local network to ensure that your network security operations are orchestrated to handle cloud migration.
The latest advances firewall services can be found in Virtual Domains (VDOM) that segregate any unauthorised network traffic coming into your VLAN, leaving you with a clean, point-to-point connection to your cloud service provider. When used in combination with strong network security controls, the firewall is a powerful weapon in one’s arsenal of defence weapons.
As you build your cloud security capability, understand the most critical skills that are required (either in your in-house team or within the cloud service provider). Look at areas like compliance, risk management, data laws, communication, encryption, penetration testing, and network security. Conduct regular vulnerability assessments that include a skills matrix, to understand and address any gaps in expertise.
For more information contact T-Systems South Africa, +27 (0)11 254 7789, email@example.com
- Packaged cyber-threat service
October 2017, GNL Cyber, News, Cyber Security
Gold ‘N Links Cyber introduces GNL CYBER 360, a per user, next generation cyber-threat packaged service.
- More than physical intrusion
October 2017, Mining (Industry), Cyber Security
Mining and manufacturing sectors are becoming increasingly vulnerable to cyber attack. This is highlighted in Dimension Data’s Global Threat Intelligence Report for 2017.
- Security infrastructure in a box
October 2017, Genetec, CCTV, Surveillance & Remote Monitoring, IT infrastructure
Genetec introduces new high-performance rack-mounted appliances, workstations and storage solutions.
- Cards in the cloud
October 2017, Access Control & Identity Management, IT infrastructure
HID Global has introduced HID FARGO Connect, the industry’s first cloud-based solution that simplifies and streamlines the issuance of ID cards and credentials.
- Compliance can equal value
October 2017, This Week's Editor's Pick, IT infrastructure
In remaining compliant with new data protection legislation, companies can generate even greater value from their data, says Cleo Becker.
- Compliance is knowing
October 2017, J2 Software, Cyber Security, IT infrastructure
There are two types of businesses, those who have been breached and those that don’t know that they have been breached.
- Redstor backs up TCTA
October 2017, This Week's Editor's Pick, IT infrastructure, Products
Redstor provides government body with cost-effective and reliable backup and business continuity solution.
- Lack of skills hamper transport IoT
October 2017, This Week's Editor's Pick, Integrated Solutions, IT infrastructure, Security Services & Risk Management
IoT data stands to revolutionise the global transport sector, but restricted access to critical data may limit potential, finds Inmarsat.
- Protecting privacy in the face of PoPI
October 2017, Cyber Security, IT infrastructure, Security Services & Risk Management
While no single product can offer complete PoPI compliance, having a quality set of information security products puts organisations in a significantly better position.
- Mining botnets are back
October 2017, This Week's Editor's Pick, Cyber Security
The Kaspersky Lab anti-malware research team has identified two botnets made of computers infected with malware, which silently installs cryptocurrency miners.
- Back to the future
September 2017, Adamastor Consulting, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Residential Estate (Industry)
The future is not what it used to be. Rob Anderson looks at estate security in 2027.
- Managing technology risks for effective estate security
September 2017, Technews Publishing, Residential Estate (Industry), Cyber Security, Integrated Solutions, Conferences & Events
Hi-Tech Security Solutions and Rob Anderson hosted the Residential Estate Security Conference 2017 in Johannesburg earlier this year.