There isn’t a state of being that any organism seeks more than security. Pleasure and excitement are wonderful, but unless doled out in small doses, their effect wears out quickly. Security never loses its appeal, and in a world that can be unexpectedly harsh at times, security braces us and provides comfort.
In the pursuit of security, we bend over backwards to achieve financial stability, healthy bodies, and a safety membrane around our family and loved ones. It’s strange, then, that many will go to such great lengths for some things, but neglect others. Cloud environments also need to be secure, but many of those responsible for them throw caution to the wind and simply hope for the best. It’s not only a bad strategy for the security of data and internal resources, but it breeds a mindset of irresponsibility that prevents important efforts at girding against hacks and breaches.
It’s time to frame cloud security in the same context of the security applied to other areas of our lives and embrace a a love for it. Save your flowers and See’s Candy for your loved ones, but remember that if you love your job, your customers, and avoiding board-level meetings where you have to explain how a 15 year-old hacker planted malware into an open repository that subsequently leaked millions of customer records and cost the company billions in market cap, then let’s get on board with a concept that applies to every aspect of our lives – say it with me, brothers and sisters: I LOVE SECURITY.
This isn’t romantic kind of love, unless you’re into that kind of thing (and we’re not judging). But it’s a love borne of responsibility, and those tasked with managing user, customer, and internal data have to bear that responsibility and carry out whatever measures will keep it secure. You don’t have to love writing remediation scripts to make your security posture more manageable, but you have to love maintaining control and order. Without that, you’ll lose one of your most critical competitive weapons, and there will most certainly be no love sent in your direction.
Security is not a zero-sum effort. Your cloud environment, for example, is a dynamic state, so you’re always working to achieve and maintain a level of security that is acceptable; the process is a continuous one and will always require attention. Like any type of security, obsessiveness may serve a purpose, but it probably won’t help you achieve your goals because a dent in your security posture could come from innumerable possible places. Sitting around staring at it doesn’t constitute constitute effective management of it, and frankly, it doesn’t accomplish much, either. This is where automation is key; automated and continuous monitoring of security controls in a cloud environment will keep you aware of the pulse and specifics of your resources and data, and it will free you to think about some of the more strategic aspects of keeping your infrastructure safe.
Security is, when done in the interests of others as well as yourself, an act of love. So on a day that celebrates love, let us not forget why we do what we do. We who endeavor to keep things safe love security, and even though we may not get a box of nuts and chews for it, we aren’t truly happy unless we spread that love…across every cloud resource, service, and environment.
This is a Security Bloggers Network syndicated blog post authored by Patrick Flanders. Read the original post at: Cloud Sentry Blog