Securing Your Cloud: Assume Breach

Do you know how to properly and effectively secure your cloud environment?

Thankfully, the main cloud service providers offer a plethora of security tooling that can be utilised within your environment, which can also be matched with externally provided tools from other vendors to maximise your ringfencing.

I’ll start this piece by saying what a lot of people reading this may surmise. You could assume full-security coverage because your infrastructure, applications, and services have been migrated to a public cloud such as Microsoft Azure or AWS (well done, if that is the case). If this is, in fact, the conclusion you’ve drawn purely because your estate is now being managed by a colossal and reputable company that also happens to manage millions of other customers — think again. Your train of thought is incorrect to a large degree.

Migrating services to a cloud services provider does eliminate the burden of management, but it does not diminish the responsibility or the need to secure your resources. If you’re not using the tools to keep your environment secure, you may need a bit of expert help.

Focusing on Azure, Microsoft kindly offers a wealth of built-in services free-of-charge, or at a relatively low cost, to assist you with securing your environment. Applying the basics with services such as Network Security Groups and Application Gateways, to filter traffic to infrastructure and to create a single secure point of entry for applications, does give you a big step towards enforcing your services and simplifying them simultaneously.

Typically with Azure, increasingly more services are coming complete with a Web Application Firewall (WAF) option, which operates at the Application Layer and detects more intrinsic and complicated web-based threats. I personally see this as a push by Microsoft for their customers to take more responsibility for their own security and to give them the freedom to apply more advanced security measures, which helps customers and takes some of the responsibility away from Microsoft.

Moving on, other Azure services that are offered which can greatly benefit from an authentication point-of-view are services such as Azure Active Directory (AD) P2 licensing, which enables you to apply intelligent AI risk-based policies to all of your user logins, whether it’s into Microsoft 365, Azure, or any other service you may have connected to your Azure AD.

Bringing this all together, all Azure customers can utilise Azure Security Center free-of-charge, which recommends actions to secure your entire environment in a points-based format. There is a reason why Microsoft offers this great product for free and that’s because, again, Microsoft wants you to realise that it’s your responsibility to secure your environment on their platform and, by making it as easy as possible for you to do so, it’s a win-win for everyone.

Closing the Security Gap

As automation becomes increasingly commonplace, the threat of attackers will heighten. It’s time to deploy an intelligent automated analysis service.

We all know by now that with increased cloud uptake and exposure, automating your operations will increase, whether we’re talking software deployment, infrastructure provisioning, or testing. Consequently, a new gap exists for attackers to expose and penetrate. With these operations more automated and typically executed more quickly, they may become less frequently considered by staff and left in a potentially more insecure state that could be more easily infiltrated. In my view, it’s best to fight fire with fire in this instance and that’s where SIEM (Security Information and Event Management) comes into play.

An intelligent automated analysis service like Azure Sentinel has arrived in the last couple of years to cover your entire enterprise. Sentinel can be deployed in any Azure enterprise to intelligently monitor all kinds of threats over various types of environments and, together with Log Analytics, Sentinel can effectively warn and report to you on any potential threats that you and your staff may not seek.

Seemingly the most important weapon in the arsenal of cloud security is your staff. As your cloud adoption accelerates, so should staff training and nurturing in order to be able to best manage and protect against threats and configure the aforementioned services. A weapon is only as good as the person who wields it and, without investment in sufficient staff training, these services could potentially be unused or, worse, be configured incorrectly to enable a breach. Common principles from IT security before the cloud era are applicable to cloud security and, whilst converting this into knowledge for the cloud is not complicated, it requires dedicated time devoted from already-busy schedules.

Security in the cloud is becoming the bedrock for most new hires in the cloud space, as evidenced by looking at most job requirements on ads for Cloud Engineers, Architects, and Managers. It’s not ideal to have siloed personnel who only deal with cloud security; everyone on your team must have a strong understanding of how to maintain and implement it, without having to defer to a dedicated resource who may not be in the office or leave the company, in case a severe need arises.

Security Must Keep Pace

Cloud adoption is accelerating at such a fast pace today, partially due to the global pandemic. Cloud adoption could potentially outpace security tools and practices.

With the drastic need and incentive for many organisations to shift to the cloud faster than planned, common security procedures, tools, and training have the potential to be missed and forgotten. Companies may not be able to keep up with the light-speed pace of cloud uptake and associated requirements. This could create a problem and establish a large attack vector for companies that move to the cloud incredibly quickly, without the needed expertise and crosschecks.

Such a trend also could spurn a worrying ripple effect. If, after a rapid cloud migration, your staff lack training, services may be managed incorrectly and services levels could be breached. Even if you believe you’ve done everything correctly and applied tooling, updated procedures, and trained staff, always assume you can be breached and you’ll never cease to continuously fortify. In the end, that is precisely how one expertly secures the cloud.

Data Intensity is an Oracle Managed Services provider and cloud expert. We can help you fine-tune your cloud strategy and execution. Request your Oracle TCO Transformation Assessment today.

For more information reach out to us by email at or by using the form below:

Get in touch