24 June 2019

How to secure your cloud infrastructure

SIEM

With cloud security, the challenge facing most organisations is one of visibility. Visibility, that is, across multiple cloud and on-premise systems, typically a result of tools used and their biased strengths.

Add the advent of cross-platform cloud computing and digital businesses plus the explosion in data and the demands for data-intelligence from non-IT audiences and that challenge is even greater.

Then there are the costs of cloud deployment, customer churn and dissatisfaction and potential security issues – all of which create multiple blind spots.

Why do you need to secure your cloud infrastructure?

  • Firstly, more data communication will be happening outside your organisation’s boundaries. New arrangements will be required to make sure security policies remain in place.
  • Secondly, people can be anxious about data and applications in the cloud. In truth they are at least as secure as those within the organisation, but additional reassurance is necessary.
  • Lastly, many organisations are hybrid in nature – they have data inside the organisation, outside in multiple Virtual Private Clouds and in cloud services – but they want to be able to manage and secure them seamlessly.

Monitoring your cloud infrastructure security

It’s essential to have a clear cloud security monitoring strategy and to prioritise objectives. These objectives should involve multiple audiences – not just IT operations.

Acquiring, analysing and presenting data, then engaging with it and actioning it, all involve increasing levels of abstraction. After all, does anybody make decisions based on a single piece of data anymore?

Using a monitoring strategy to identify security and performance issues

Whatever your problem – whether it’s a security issue identified by Sec Ops or a customer experience issue identified by multiple audiences (low hourly sales = line of business, high latency = IT), all audiences must be able to process, analyse and action.

Whatever infrastructure or cloud you’re using, and whichever tool monitors it, if your strategy is unclear, it will fail.

Consider:

  • How are you going to measure performance of the cloud resources you’re paying for?
  • How are you going to collate the data for those metrics, especially across multiple cloud providers?
  • How will you present them to your peers to get them to behave in the way you want to?
  • How do you know your cloud is safe, vulnerable or being attacked?
  • How do you monitor, detect and manage incidents in your cloud?

Analysing your cloud infrastructure performance

The performance of applications can have a direct impact on business – for example, the performance of shopping cart applications can increase drop off rates. So analysing and monitoring performance in a way that meets the needs of multiple areas of the business – sales, marketing, accounting as well as IT – is essential.

It’s great to buy additional resources to immediately improve performance in the cloud, but it also results in increased pressure on IT management. The system needs to be able to push back by maintaining MI on the performance of each resource in each location, and of the network(s) used to access them – comparing performance across locations and geographies is essential if you are going to be able to establish benchmarks that are meaningful.

Using tools to monitor cloud security and performance

Many tools exist, overlap and can be consolidated under a clear monitoring strategy. Ask yourself: do security and network operations centres need separate tools any longer? Some could well be shared.

Never select tools for your strategy which are simply for the here and now. Very effective AIops tools are being developed to post process and analyse, enabling different levels of action or engagement – from fully automated action to expert insight.

Find out how Apto can help monitor your business, your cloud

    Stay updated with the latest from Apto

    Subscribe now to receive monthly updates on all things SIEM.

    We'll never send spam or sell your data, see our privacy policy

    See how we can build your digital capability,
    call us on +44(0)845 226 3351 or send us an email…