Co-created in collaboration with Oracle Corp.
When IT infrastructure moves to the cloud, data — and the paths used to access that data — must be protected. With hybrid and multi-cloud environments, this protection becomes much more complicated. That’s why automation is being used increasingly to enhance and simplify security and to enable rapid defenses and self-securing, automated responses.
All Paths Lead to the Cloud
When you manage your resources on-premises, there’s usually less external access to the data. But when you move your infrastructure to the cloud, you must secure the path to that data because that path is now more open-ended and accessible by outsiders.
More than ever, you’re dealing with objects, not just humans. Imagine that you’re a company that uses the Internet of Things (IoT), and you want to scale your architecture to the cloud. You can’t merely say, “It’s okay, I assigned a password,” because now you’re dealing with objects. In the old stack, you might not have the infrastructure technology needed to support these new use cases, so you have to redesign your application architecture — a costly endeavor.
Not All Data Needs to Move to the Cloud
It’s also important to remember that with the growing use of edge computing, not all of your data needs to move to the cloud. For example, let’s say you have a factory that produces a product using automation. You have many machines that aren’t elaborating data locally. Instead, they relay the data to a server where the information is exchanged. You receive back developed data and make decisions. You wouldn’t imagine putting this server in the cloud and opening all your machines to outside access — that would be dangerous.
When dealing with objects, it’s essential to think about edge computing. Edge computing provides a proximity layer to the machines and then tries to give them the power to elaborate large amounts of data locally. If the data is being used only by the factory, the data doesn’t need to go to the cloud. If you’re thinking about an integrated security strategy, you need to include edge computing because you’re dealing increasingly with objects.
Identity and Access Management Are Key to Securing Data
Data security is complicated, so your security strategy must have many components. Overall, every company must consider good data governance: how you collect data, how you save data, and how you use data. Other elements include tunneling, cryptography, redundancy, and continuous updates. That last one is especially important — what’s secure now is not secure tomorrow if someone can find a point of access. The specific strategy you choose, however, depends on your data’s sensitivity.
The foundation of a robust security strategy is identity and access management. Humans are the weakest point in data security. The less you need to rely on humans, the safer your data is.
Secured by Design
Many cloud infrastructure vendors like Oracle are developing holistic and integrated security using a critical approach called “secured by design,” which also includes “secured by default.” You can start using their services knowing that the infrastructure is secured by design and that the initial configuration is secured by default.
Automation plays a significant role in this security strategy. Deterministic automation is cued to run a process based on some event or action: if this, then that. Such automation is reactive. Using this type of automation to identify anomalies in data flow or for continuous security updates is essential. Intelligent automation that learns from experience, however, is used in integrated security not only to identify anomalies in data flow but also to resolve the problem.
We’re not just moving toward intelligent automation. Infrastructure vendors are relying increasingly on virtualization. We’re talking about something that can be managed by other software, not the physical machine where you need to press a button. With virtualization, you need to put all the responses under the control of this intelligent software, which needs to be trained. It can identify anomalies. It can manage identity and access management. It can do many things. You can’t have a human being monitoring the infrastructure 24 hours a day, seven days a week.
Integrated Security Still Needs to Consider Human Influence
You need to adapt your organization to the influence of the automation in your security framework. The chief information security officer (CISO) needs to focus more on human resources. We can talk about a sophisticated security infrastructure, integrated security, self-aware security, or intelligent automation. Still, we also need to deal with the insider threat: someone inside your organization who wants to do some damage or employees who simply open an email attachment by mistake.
As I said before, the human is the weakest point in cybersecurity. You can deal with an insider threat only if you have proper management of your people and your team. With integrated and automated security, the CISO can focus more on people and try to spread a culture of shared goals across the enterprise and its effect on safety. It’s imperative to focus on growing the knowledge and the awareness of your organization around data security. This is a huge thing.
This article has been co-created by myself and Oracle Corp., and it’s available on the official Oracle blog here