One step behind
The last decade has been challenging for the cyber industry. Attackers always seem to have the upper hand while defenders play catch up. It’s common to point to the ever-accelerating frequency and sophistication of attacks, siloed security that creates gaps, and a shortage of skilled cyber professionals as rationale for this lagging position. All are true but none represent the core reason for our current situation.
The reason we are where we are is because of cloud computing. Don’t get me wrong, cloud computing has been and continues to be profoundly beneficial. It enabled digital transformation that reshaped how we do business. But it is also a huge disruptor that turned traditional, centralized computing and data networking models on their head, forcing carriers and network suppliers alike to innovate and adapt or risk obsolescence. And as networking models shifted, from centralized to distributed, so too did security, but always at a lagging pace.
With cloud computing, distributed networking, and cloud-based security becoming standard, organizations must reassess their cybersecurity approach. It is imperative that they adopt comprehensive end-to-end solutions that align with the evolving landscape of cloud computing and connectivity to address their cyber challenges.
Cloud computing’s cascading effect
It’s always been about data – where data lives and how it is accessed by users. Shifts in data residency and access have triggered a series of events, beginning with:
Our introduction to the cloud
- Server virtualization and cloud compute infrastructure, frequently referred to as infrastructure as a service (IaaS), ushered in low cost, flexible, and resource efficient computing via virtual machines (VMs)
- Growth in cloud computing shifted focus to new ways that enabled users, whether in offices (sites) or at home (remote users), to access the data required to perform their job duties
Cloud adoption led to new networking models
- Networks were re-architected to align with shifting data residency, from centralized data centers to distributed cloud infrastructure
- This transition included moving from MPLS/datacenter designs to SD-WAN with Internet breakouts and hybrid or multi-cloud solutions
Network security transformation lagged
- As data networking models evolved so too did network security, but at a lagging pace
- Over time, the expansion of cloud-delivered security solutions helped organizations to align and optimize network security within this new cloud and networking environment
But this new data and networking paradigm requires consideration beyond network security
- Endpoint security has become more critical to consider in this new age of cloud computing and network connectivity where the focus is now squarely on enabling users on laptops, desktops, and mobile devices (endpoints) to access data on cloud servers and VMs (also endpoints)
- Endpoints bookend this continuum of users accessing data on cloud workloads, and as an essential part of the communications flow, they must be considered when designing an end-to-end security solution
Doubling down on the cloud
We have come a long way from the initial cloud use case of test/dev. We’ve since moved to running production-grade applications in the cloud and are now entering the next phase of cloud application development – microservices and containerization. As the cloud becomes increasingly foundational to your organization, it is crucial to prioritize robust security for all cloud workloads. This includes ensuring top-performing endpoint security not only for VMs but also for cloud containers.
Key considerations
As you plan your future in the cloud, keep these key considerations in mind:
Communications continuum: The new communications continuum consists of users on workstations and mobile devices accessing and utilizing data residing in the cloud, within workloads (servers/VMs/containers).
Endpoint significance: Endpoints bookend this continuum so as you consider network security in your modern network and cloud environment, don’t leave endpoint security to chance.
Evaluation and procurement: Assess and procure top performing endpoint security solutions, while ensuring they excel not only on Windows endpoints but also on Linux, given that cloud workloads operate on both Windows and Linux operating systems. Be aware that some solutions may lack feature parity and performance on Linux compared to Windows.
Container security assurance: In addition to robust performance on Linux endpoints, confirm that your chosen endpoint security solutions provide an agent for Kubernetes clusters to secure your cloud containers as well.