Cloud computing isn’t just a buzz word anymore. It is where the majority of data processing and storage is headed, if it’s not already there. The cloud offers many advantages over premise-based hosting, the most important of which is Agility. The cloud is scalable and adaptable and in a fast-paced business environment, that is key. But is it safe? It’s safer than you think. Cloud security is adaptive, it can respond as threats or opportunities rise. Here, DataCenterJournal.com tells some of the trends in Cloud Security that we can expect this year:
Emergence of Serverless Frameworks
One of the most challenging innovations in the cloud in 2016 will be the rise of serverless frameworks. They includes elements like Amazon Web Services’ (AWS) Lambda and the rise of code-PaaS (code-based platforms-as-a-service), in which IT departments will no longer have to manage an operating system or virtual machine.
This is a big change for cloud security strategy, because it means APIs are becoming an additional area of vulnerability for attacks. It’s an area where IT teams are usually unaccustomed to configuring for and defending against these types of threats.
Host- and Network-Based Security Measures Move to the Control Plane
Another aspect of cloud security that differs from traditional data center environments is that security features are moving into the control plane. This change is opening up more opportunities for IT to get information about risks and vulnerabilities as they arise. And instead of presence-based discovery, as is par in a traditional in-line network, a big advantage for cloud security will come in the form of real-time “firehose streams” of updates on network, host and serverless-process events through APIs.
Cloud-Aware Security Solutions Delivered by Incumbents
Cloud security will be delivered by more than innovative startups, because as cloud infrastructure becomes more important to organizations of all sizes, cloud security solutions will have to evolve to keep up. This evolution will happen from cloud security providers of all sizes, including some of the big incumbent players in the IT security industry. For example, multiple vendors are coming to the market with solutions for Windows- and Linux-based workloads in AWS. Other incumbent vendors will see more pressure from customers who need them to support hybrid deployment models that include traditional data centers and AWS.
Whether it’s by acquiring smaller IT vendors or by developing innovative new products, big security players will become more involved with delivering cloud-based security solutions. And if not, they’re going to risk disruption by faster-moving competitors.
Cloud Security Will Accelerate
Attacks on cloud infrastructure are becoming more sophisticated and automated, and this trend is unlikely to abate in 2016; if anything, attacks on the cloud will become even more intense because more organizations are storing more and more valuable data in cloud infrastructure. But the cloud security landscape will reflect the same tension in that “uneven handshake” of shared security responsibilities. According to research from Gartner, “Through 2020, 80% of cloud breaches will be due to customer misconfiguration, mismanaged credentials or insider theft, not cloud provider vulnerabilities.”
IT organizations need to upgrade their security preparations with real-time alerts and response capabilities while also taking a closer look at their in-house operations, internal configurations and employee security training and credentialing.
Read the rest of the article here.