SBN

Enhancing Data Security for Your Azure and RedHat OpenShift Cloud Applications

Azure is Microsoft’s hybrid cloud offering which includes cloud services that enable you to create, deploy and manage applications in the public cloud. RedHat OpenShift is a Kubernetes container orchestration platform. The collaboration of both of these in the new release of Azure delivers a managed service for hybrid clouds which provides the customers with a single point of contact for planning, implementation and support. This makes it much easier to learn and roll-out applications in this platform. OpenShift is open source. You can move container applications around rapidly and don’t have the issues of getting yourself extracted from proprietary platforms. The self-service provisioning also makes it much easier for your development team to choose the tools they want and to get it done quickly. OpenShift containerization brings high efficiency as it substantially reduces the time to created, deploy and manage container based applications. The return on investment (ROI) for customers using Azure and RedHat OpenShift is considered by some to be a no brainer. ROI is both a function of cost and time savings, as well as the competitive advantage gained through more rapid deployment of key enterprise applications. Unfortunately, moving to Azure and leveraging RedHat OpenShift can bring unintended consequences to your cloud application deployment. As always, the cloud brings new vulnerabilities to your data, and makes compliance, especially for the largest enterprise, much more difficult. Kubernetes containers are complex and very difficult to protect at the base level. New vendors are trying to roll out new security products to address weaknesses in container security, but these technologies are nascent and don’t begin to address all of the known vulnerabilities. Microsoft Azure environments, like Amazon, Google, or any other cloud vendor, faces a multitude of potential data breaches, if only due to misconfiguration and human error. Very recent examples include data being accidentally shared and highly sensitive data being made available to the public: In November, 2017 it was reported that the Pentagon accidently shared 1.8 Billion intelligence data objects in a database based on mis-configured cloud storage permissions. In October, 2017 it was reported that Accenture inadvertently left a massive store of private data across four unsecured cloud servers, exposing highly sensitive passwords and secret decryption keys that could have inflicted considerable damage on the company and its customers. In September, 2017 it was reported that two cloud-based data repositories managed by BroadSoft Inc. which contained sensitive customer information were configured to enable public access, leaving the information exposed. In February, 2018 it was reported that an affiliate of FedEx exposed the personal information of tens of thousands of users. At a very basic level, data and threat protection for your custom developed in-house Azure cloud applications is very complex and much more difficult than you can predict. How will you encrypt your data end-to-end (at the enterprise edge)? How will this impact the operation of the applications? How will you maintain this? How will you enable one application instance to support your global users, yet meet the data residency requirements of the E.U. give your headquarters is in Los Angeles? How will you support tokenization necessary for global compliance requirements, such as California Data Privacy, GDPR (E.U.), HIPAA and more? Will you have one approach to encryption for your in-house developed cloud applications, another for your SaaS vendor provided applications? How will you manage your data encryption keys globally across all of these disparate applications? CipherCloud can help you address all of these issues safely and securely. Our critically acclaimed and award winning cloud access security broker (CASB+) can provide the necessary protection you need to roll out your custom and in-house developed cloud applications using the Azure cloud and Redhat OpenShift. We address many of the risks inherent in this architecture, including those due to misconfiguration and much more, and provide the tools necessary to enhance data and threat protection. In October of 2017, Gartner Group evaluated the 11 leading CASB vendor solutions across a mix of features including architecture, data security, threat protection, UEBA, compliance/risk, and enterprise integration. The CipherCloud CASB+ platform received a perfect score of 100% in all areas evaluated. We are uniquely positioned to bring the strongest data security, powerful end-to-end encryption, and comprehensive threat protection for Azure cloud users. We can also extend this to any other mix of cloud applications developed and deployed by your enterprise. Azure and RedHat OpenShift bring strong new capabilities to the cloud market. The collaboration of both of these presents new opportunities to more quickly and cost-effectively roll-out your new cloud applications. For more information on how CipherCloud can help protect your Azure applications please check out the benefits of CipherCloud CASB+ at https://www.ciphercloud.com/casb.

*** This is a Security Bloggers Network syndicated blog from CipherCloud CASB+ Platform | Enterprise Cloud Security authored by CipherCloud. Read the original post at: https://www.ciphercloud.com/blog/enhancing-data-security-for-your-azure-and-redhat-openshift-cloud-applications