This is the second in a four-blog series entitled “Cloud Security Pitfall: Understanding the Shared Responsibility Model.” Click here to read the first blog.
While the cloud offers many powerful and transformative benefits to enterprise organizations, it also undeniably increases the complexity of enterprise architectures. And with complexity comes increased security risks.
As Jason Bloomberg pointed out in the first blog of this four-part series, the cloud’s shared responsibility model presents a challenge that IT organizations must understand and address if they are going to ensure security and compliance in the cloud. This need becomes even more critical as enterprises come to terms with the fact that their architectures will span on-premises, private cloud and multi-cloud environments — what we now refer to as hybrid IT.
But dealing with shared responsibility is more than just a technical problem. Addressing it will demand that organizations change the way they look at security and recognize that they must approach it in a cross-functional manner.
This cross-functional approach to closing the shared responsibility gap and ensuring cloud security will demand that enterprises break down the silos between security and operations teams and create crystal clear visibility into what is happening within their new hybrid IT environment.
The Coming Convergence of Security and Operations
Securing the enterprise has become a significant cost and resource drain on organizations. The increased technology footprint and greater technical complexity have increased the attack surfaces available to bad actors. The introduction of cloud-based solutions and the increased velocity of technology-driven innovation has only made the situation worse.
As the security situation continues to escalate, it is exposing a flaw in how enterprises have traditionally approached it: the siloed security organization.
While security is and will remain a distinct discipline requiring significant expertise, the idea that organizations can manage security as a separate organizational function is rapidly unraveling. Organizations are recognizing that they must instantiate and manage security directly within the operational workflow because it is often the handoffs and disconnected responsibilities that allow security gaps to form and fester in the first place.
As organizations begin to grapple with the challenges of the cloud’s shared responsibility model, the problem of disconnected security and operations teams becomes painfully obvious. While the security team is concerned about policy enforcement, threat detection, and mitigation activities, the operations team is focused on performance, manageability, and optimization — all of which they must instrument within cloud environments.
When different teams are responsible for different elements of the shared responsibility model — and have no interest in each other’s concerns — it becomes fertile ground for the types of security vulnerabilities that are becoming commonplace in cloud deployments. The need to close this gap is forcing organizations to break down the silos, take a more holistic approach to securing their environments and find ways to integrate their security and operations functions more closely.
A Common Enemy. A Common Solution.
Both operations and security teams are coming under ever-increasing pressure to do more with fewer resources while also increasing the velocity of new technology deployments and changes to existing ones. Each new addition or change, however, increases the complexity of the environment and makes each subsequent addition or change more difficult, riskier and more onerous to secure.
This complexity is the common enemy that both functional teams must combat. As they each fight this battle, they are both turning to data as a means of understanding what is happening within their environment. And they are realizing that it’s mostly the same data.
Whether from an operational or security perspective, organizations need to harvest operational data and use it to create the visibility that will allow them to see patterns within their complex environment. This becomes even more critical when dealing with the cloud and its shared responsibility model as the visibility of network and operational data allows them to meet the needs of both teams simultaneously.
There are, of course, several challenges when it comes to exposing and consuming this all-important data. The first is that organizations have not limited the siloing to the functional hierarchy. In most cases, they have siloed their data as well. The second challenge is that the very data organizations need to create visibility is often hard to get from cloud providers.
To get the visibility they require, therefore, organizations will need to break down the functional and data silos, find ways to harvest operational data from cloud providers and then leverage it to meet both their operational and security needs.
The Intellyx Take
In truth, the cloud’s shared responsibility model is nothing new. Different functional units within enterprise organizations have long ‘shared responsibility’ for deploying, managing and supporting the technology stack. The difference, of course, is that they now must share responsibility with an outside third party — one over which they have little control.
Moreover, as the technology stack becomes more ingrained into how the organization creates competitive value and advantage, the stakes will only get higher. Operational and security teams must recognize that they share the same goals and that they each have much to lose if the organization’s cloud deployments are not optimized for both security and operational requirements.
This need to address both security and operational demands is obvious, yet it is the disconnected approach most organizations have employed when it comes to the cloud that has created the gaps when grappling with the shared responsibility model. Enterprises must, therefore, overcome the traditional organizational and data silos and realize that they can simultaneously meet their operational and security needs. Those that do so and then turn their focus to using their operational data to create visibility across their hybrid IT environment will overcome the risks of the shared responsibility model and be able to leverage the cloud without fear as they continue on their transformational journey.
Copyright © Intellyx LLC. Gigamon is an Intellyx client. Intellyx retains full editorial control over the content of this paper.
This article was originally published on the Gigamon blog.