CYBER SUNDAY: Managing cloud security

With the shift of many businesses to cloud infrastructures, many businesses have IT teams facing the challenge of managing access control and identity management in both on-premise and cloud environments.

With the onset of the recent pandemic and more employees working remotely, there are strategic plays technology teams are reviewing and adopting to take advantage of what cloud providers offer.

As with any significant change, the move brings new challenges and opportunities that will take time and training to fully understand and develop.

On-premises solutions for access control and identity management have typically relied on physical security measures such as firewalls, building security around physical access and access controls to the servers themselves.

However, in the cloud, physical security is largely handled by the cloud and identity providers, such as Okta, Microsoft, Google and others.

The focus for many IT teams now shifts to these software-based solutions for access control in addition to maintaining the previous measures for hybrid work environments — a double whammy for many IT teams that now manage an increased attack surface.

Cloud-based solutions for access control and identity management are similar to on-premise solutions, but they may offer significant advantages in terms of scalability, flexibility and security.

In the cloud, IT teams can easily add or remove users, modify roles and permissions, and potentially monitor access to sensitive information. This helps businesses maintain the security of their information even as employees and contractors come and go.

One of the key risks associated with cloud infrastructure is that resources are accessible over the open internet, which makes them vulnerable to attack. This is particularly true for admin and privileged logins, which provide access to sensitive information and control over the cloud environment.

As a result, one key aspect of securing the cloud involves businesses taking the necessary steps to protect their admin logins by using strong authentication mechanisms. Event monitoring, multifactor authentication and regular entitlement reviews to make sure employees are properly offboarded are more important than ever.

The transition from on-premise to cloud solutions requires resources and training over time.

While the tenets of security remain, the options and interface for controlling access can be very different.

I've never driven a Tesla, but I imagine it may take a moment to understand all the controls to safely move down the highway. IT teams are faced with the same challenges of taking what they know today and applying it to something new to safely travel the information highway.

All the bells and whistles need to be understood and properly configured. Without proper care and appropriate funding of this endeavor, there may be unforced errors that develop due to lack of experience in these new technologies.

The shift toward cloud infrastructure requires a transition from traditional on-premise solutions to cloud-based ones.

This transition requires resources and training, and it requires businesses to invest in new technologies, allocate resources for ongoing maintenance and support, and provide employees with the skills and knowledge they need to effectively manage access control and identity management in the cloud.

By properly managing access to sensitive information, businesses can reduce the risk of data breaches, comply with regulations and maintain the security of their information, even as employees and contractors come and go.

Paul Nus is the director of technology at Folience, The Gazette’s parent company, and a board member of SecMidwest, a Cedar Rapids-based nonprofit focused on cybersecurity education; SecMidwest.org. Comments: paul@folience.com