sb-nz logo
Story image

How to avoid common mistakes when moving to the cloud

With more than 30% of the global cloud market and a wide variety of customisable features, Amazon Web Services (AWS) have become the go-to provider of cloud services for many companies. 

But access, ease-of-use, and the pace at which DevOps teams make changes requiring continuous monitoring of configurations go hand-in-hand with critical security concerns, as many enterprises discovered after experiencing a breach in the AWS cloud

Fortunately, there are steps you can take to keep your company secure. Security teams need to understand their part in the shared responsibility model, where customers retain control of what security they choose to implement to protect their own content, platform, applications, systems, and networks, no differently than they would for applications in an onsite data centre. 

The complexity of Amazon’s feature-rich service means that users aren’t always aware of the best security controls and practices of the system. 

With organisations in various stages of public cloud adoption and with different cloud maturity capabilities, an organisation’s maturity level combined with Amazon’s speed of innovation requires to focus on configurations that may be exploited in a specific context.

One key driver behind the move to the cloud is the promise of an elastic, scalable service that supports your organisation as it grows and your security needs change. No capacity planning or regular hardware upgrades required. 

However, to deliver on that promise, you can’t simply move traditional, on-premises security technologies into the cloud. From the start, Netskope built a cloud-native security platform for SaaS, IaaS, and the web. 

Using a containerised, microservices-based architecture, Netskope Cloud Security was designed so that every component of the security service can seamlessly scale based on the needs of our customers. 

When you have a separate product architecture for web security that is different from your product architecture for cloud security, you miss advanced threats that use the combination of cloud and web to cause damage. One example is an attack that delivers a malicious payload from a website and uses a cloud storage app for command and control. 

Getting visibility into both the cloud storage side to detect the script execution and seeing the payload movement from the website will help you get a complete picture of this threat and control all stages of the attack. 

The Netskope Cloud Security platform was built from the ground up to analyse both cloud and web transactions in real time, decode rich contextual details about usage, and identify anomalous behaviour and risky activities for users of both web and cloud. That includes identifying threats and anomalous behaviour that takes places across cloud and web.

The cloud presents a tremendous opportunity to make your users more agile and collaborative, giving your company a competitive edge. There is an opportunity to embrace both IT-led and user-led cloud services, but it’s important to do it safely.

Netskope is represented by Katana Technologies, an IT security and risk-focused distributor servicing the New Zealand and ASEAN market with select and specialist partners.

Click here to find out more.

Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
Hackers offering forged “official” COVID vaccination certificates and negative test results on dark net 
There has been a 350% increase in the number of advertisements selling alleged COVID vaccines within the last three months.More
Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Story image
Addressing the challenges of least privilege access
Enforcing the right privilege policies across the environment with the right visibility and observability will ensure that the policy mandates hold tight against any behaviour changes.More
Story image
APAC financial firms bite down as crime compliance costs rise
The total projected cost of financial crime compliance within Asia Pacific firms reached US$12.06 billion, according to a new report.More
Story image
IT leaders prioritising automation, Zero Trust and API-based security investments
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams."More