sb-as logo
Story image

How to avoid common mistakes when moving to the cloud

With more than 30% of the global cloud market and a wide variety of customisable features, Amazon Web Services (AWS) have become the go-to provider of cloud services for many companies. 

But access, ease-of-use, and the pace at which DevOps teams make changes requiring continuous monitoring of configurations go hand-in-hand with critical security concerns, as many enterprises discovered after experiencing a breach in the AWS cloud

Fortunately, there are steps you can take to keep your company secure. Security teams need to understand their part in the shared responsibility model, where customers retain control of what security they choose to implement to protect their own content, platform, applications, systems, and networks, no differently than they would for applications in an onsite data centre. 

The complexity of Amazon’s feature-rich service means that users aren’t always aware of the best security controls and practices of the system. 

With organisations in various stages of public cloud adoption and with different cloud maturity capabilities, an organisation’s maturity level combined with Amazon’s speed of innovation requires to focus on configurations that may be exploited in a specific context.

One key driver behind the move to the cloud is the promise of an elastic, scalable service that supports your organisation as it grows and your security needs change. No capacity planning or regular hardware upgrades required. 

However, to deliver on that promise, you can’t simply move traditional, on-premises security technologies into the cloud. From the start, Netskope built a cloud-native security platform for SaaS, IaaS, and the web. 

Using a containerised, microservices-based architecture, Netskope Cloud Security was designed so that every component of the security service can seamlessly scale based on the needs of our customers. 

When you have a separate product architecture for web security that is different from your product architecture for cloud security, you miss advanced threats that use the combination of cloud and web to cause damage. One example is an attack that delivers a malicious payload from a website and uses a cloud storage app for command and control. 

Getting visibility into both the cloud storage side to detect the script execution and seeing the payload movement from the website will help you get a complete picture of this threat and control all stages of the attack. 

The Netskope Cloud Security platform was built from the ground up to analyse both cloud and web transactions in real time, decode rich contextual details about usage, and identify anomalous behaviour and risky activities for users of both web and cloud. That includes identifying threats and anomalous behaviour that takes places across cloud and web.

The cloud presents a tremendous opportunity to make your users more agile and collaborative, giving your company a competitive edge. There is an opportunity to embrace both IT-led and user-led cloud services, but it’s important to do it safely.

Netskope is represented by Katana Technologies, an IT security and risk-focused distributor servicing the New Zealand and ASEAN market with select and specialist partners.

Click here to find out more.

Story image
Device authentication services to reach $8.4 billion by 2026 in response to IoT cybersecurity
"There are several key technologies revolving around authentication security that currently transform the IoT device value chain."More
Story image
Australians ignoring cybersecurity policies in favour of productivity
Trend Micro has found that 67% of remote workers have increased their cybersecurity awareness during COVID-19 related lockdowns. However, despite greater awareness people may still engage in risky behaviour, the survey finds.More
Story image
Interview: Checkmarx on the state of software security in Asia Pacific
"While the benefits of software are obvious, this proliferation also creates a massive and ever-evolving attack surface,” says Checkmarx A/NZ country manager Raygan Flores.More
Story image
Okta, CrowdStrike, Netskope and Proofpoint create shared zero trust security strategy
Okta, CrowdStrike, Netskope and Proofpoint have joined forces to develop and launch an integrated, zero trust security strategy, stating that this is crucial for today’s digital and remote working environments.More
Story image
IT pros report increase in security issues due to remote working
Security issues, IT workloads and communication challenges have all seen significant increases in the new remote working era, according to new research from Ivanti.More
Story image
IBM report: Security response improving - containing attacks, not so much
“While more organisations are taking incident response planning seriously, preparing for cyber-attacks isn’t a one and done activity."More