Cloud computing is the next evolutionary leap in IT. The journey to the cloud offers great advantages. But as Stan Lee once said: "With great power comes great responsibility."
Microsoft Azure is a public cloud providing a huge range of different computing services, databases, operating systems and other resources.
The journey to the cloud requires adaptable, individualized and above all suitable security measures. Confidentiality, integrity, and availability must also be ensured. For meeting this requirement, there is a broad range of security mechanisms for designing a secure journey to the cloud.
Shared responsibility
In the case of on-premise infrastructures, all responsibilities and administrative work lie within your own organization. In cloud computing, these responsibilities shift depending on the selected cloud service model. Security measures that are currently covered by your own organization become the responsibility of the cloud provider.
But which activities and responsibilities lie with you and which ones does the cloud provider take care of?
Shared responsibility model – the answer
The shared responsibility model represents the distributed responsibilities and answers the question of which activities and responsibilities lie with you and which ones the cloud provider should cover.
Now you'll ask yourself whether distributing responsibility means sharing your data and information.
For answering this question, probably the most important principle comes into play: All data, endpoints, access, and identities will remain in your possession – always!
A problem shared is a problem halved.
One of the greatest advantages of cloud security is that you can reallocate resources.
You have a limited number of employees, which often leads to orphaned responsibilities and thus exposes vulnerabilities. By shifting responsibilities and taking the comprehensive security approach, your managers can concentrate on the essentials and thus increase your organization's security level. This enables efficient recognition and handling of faulty processes.
Apart from organizational and technical challenges, the journey to the cloud also offers the opportunity of raising your security organization and conception to a state-of-the-art, secure and especially effective level.
Are security and the cloud mutually exclusive? The answer is definitely NO!
Look forward to our next blog articles on security in the cloud.
Here's a look ahead to the topics and dates:
- Identity and access management
- Threat protection – azure security center and azure sentinel
- Threat protection – Microsoft Antimalware for Azure and Vulnerability Management
- Network security – micro segmentation
- Network security – application gateway (WAF), Azure Firewall, DDoS Protection Standard
- Network security – VPN
- Data & information protection – encryption, Azure Key Vault confidential computing
- Security management – Azure Security Center, Azure Log Analytics and Sentinel
- Compliance on Azure
Author: Dominic Iselt, IT Security Engineering Expert