DECEMBER - JANUARYCIOAPPLICATIONS.COM9the adoption of cloud technologies from AWS, Azure and GCS will increase. Likewise, I would expect an increase in shared data center spaces to take place. The shift to the cloud will have its challenges in part due to current IT staff obtaining the knowledge to safely running those systems in those new environments. Availability of experienced resources are limited and very expensive at this time. Therefore, finding a trusted partner for the platform of choice will be the best option. Providing training and encourage certifications to existing IT and security staff will be necessary and will help them grow and stay updated. Keep in mind that with that growth comes at a cost due to your team becoming more valuable and very sought after. This increase in salaries and training must be factored into the budget.Making any investment in the cloud by either development or IT teams should have a strong partnership with the company's security team. In fact, I would argue that the security team should own the cloud move. It is a great time to rethink security and how things are done in the organization. Just like any connection that is done on premise that connects to the internet there is an increase in risk with that system. The cloud configurations are no different. A simple checkbox can be the difference between secure data or exposed for all to see and ending up on the nightly news for a breach. Having the security team setup the cloud environment in a secure state with proper monitoring and automation will help reduce the risk when other teams begin to create objects in the cloud environment.We have seen time and time again, that leaked databases and files out on the cloud was not due to the cloud provider but instead misconfiguration by the company that owned the data. Constant review and strict procedures must be developed to reduce the risk of a misconfiguration. Just in time credentials with MFA should be used to make sure that no one has default privileged access. The risk of credential stuffing is too high with billions of credentials available on the internet. Any sort of access to the cloud environment must have MFA turned on with least privilege access principles in effect.The move to the cloud and co-location data centers can be an exciting time for IT and security staff. It provides a time to architect the legacy environment into modern day best practices or adopting concepts such as Zero Trust. The project can be stressful, but very rewarding to the teams when done correctly. It can allow the staff and executives sleep a little better knowing that your company's data is running faster and safer. Making any investment in the cloud by either development or IT teams should have a strong partnership with the company's security team
<
Page 8 |
Page 10 >