For channel partners, understanding public cloud security is now essential – but it’s no easy feat. When managing customers with differently configured public cloud environments from various providers, or even hybrid clouds, partners can easily become overwhelmed, and some may not even know where to begin.
To help partners navigate the ins and outs of managing public cloud security and compliance, we’re running a three-part article series to share best practices and key considerations for a public cloud security strategy.
In part 1, we explored shared responsibility models and channel partners’ duties for fulfilling their responsibility for strong security in the cloud. In part 2, we focused on the common problem of cloud misconfigurations, including the risks they can pose by leaving cloud data open to cybercriminals, and how partners can shut down these accidental exposures. Now, in part 3, we will explain the process partners should follow to help their customers deploy a public cloud security strategy that fits their public cloud environment.
Plan and Design
Traditionally, it was unnecessary for partners to consider where a customer stores their data or runs their workloads. But now, in the complex world of the on-prem, private, public, and hybrid cloud environments, it’s crucial for partners to understand the makeup of their customers’ environments to help them plan and design a customized cloud security strategy that’s right for them.
Even then, public cloud security strategies are not one-size fits all. Partners should start by taking a step back to evaluate each customer’s environment. Are they already using a public cloud provider? Are they using more than one cloud provider? Are there any misconfigurations that need to be addressed? Does anything need to be migrated? These are just a few questions you can start with to help set the right security strategy for each customers’ specific needs.
Build and Migrate
One of the biggest challenges organizations face when migrating to the public cloud or when first embarking on their cloud security journey is that most of the security tools that are available today are too noisy. By too noisy, this means that the tools do not allow for aggregation of data from disparate sources and do not offer visibility across all public cloud environments.
During public cloud migrations, the most common question customers ask partners – which partners then ask vendors – is whether or not it will be secure and manageable. In fact, according to Sophos’ report The State of Cloud Security 2020, 96% of organizations are concerned about their current level of cloud security. To help accelerate and make public cloud migrations smoother, partners should focus on eliminating these security concerns by helping their customers build a public cloud security strategy with a comprehensive security bundle, such as Sophos Cloud Optix.
Run and Operate
Once the customer is up and running on the public cloud, security still needs to remain top of mind and the strategy may need to evolve. As discussed in the previous post, misconfigurations are the most common way cybercriminals get access to the cloud, and the primary reason why 70% of organizations suffered a public cloud security breach in the last year. Proactive monitoring of configurations can significantly reduce the likelihood of breaches, along with a layered approach to defense that protects against all possible vectors of attack and can stop cybercriminals who use a range of techniques to get around defenses.
Sophos Cloud Optix provides detection and response in the public cloud, by continually monitoring cloud infrastructure configurations to detect insecure deployments, suspicious access events, over-privileged IAM roles, unusual network traffic, and sudden spikes in cloud spend. Its guardrails lock down configurations to stop accidental or malicious changes that could impact security posture, for both channel partners and the customers they have a duty to protect.
It’s important for partners and customers to operate under the assumption that attackers will find cloud assets. First and foremost, accurate visibility of cloud services is the best way to guarantee they are configured securely and protected against threats. While Sophos Cloud Optix does offer comprehensive cloud security posture management, data is constantly moving in and out of the cloud, which also needs to be protected.
With Sophos Synchronized Security, Cloud Optix is easily connected to Sophos Firewall for visibility and protection on the network, as well as Sophos Intercept X which uses deep learning to protect endpoints and cloud workloads from both known and never-before-seen malware. Each of these solutions is then also wrapped together by Sophos’ Managed Threat Response connector, which offers access to Optix anomaly detections for user logins, outbound network traffic, applications inferred from host behavior, and other high-risk activity. And as a backup plan in the event of an incident, Sophos Rapid Response is available 24/7 to immediately help neutralize active threats.
Adding these extra layers of protection helps partners better assure their customers that their public cloud environment and everything it touches are completely secure. While a public cloud security strategy may be complex to get up and running, a comprehensive security bundle with next-gen solutions eliminates customers’ most prevalent security concerns and makes it simple to for partners to manage on an ongoing basis.
To learn more about cloud security posture management with Sophos Cloud Optix, click here.