As more infrastructure is moved to the cloud, there are many opportunities to reconsider your security stance and relationships to build ever stronger and more secure IT solutions whilst reducing your security costs. In this post, I’m looking to explore some ways that you can build out your alliances to be better prepared and battle-worthy on the digital security war front.

For a long time, the main players in securing your network have been your own security team and your security product vendors. But with services getting split across disparate providers and key infrastructure features ending up hosted across the world, there is a real need to consider how to expand the range of security specialists outside of these domains.

Cloud Vendors

Consider, for example, leveraging your Platform as a Service (PaaS) platform provider’s expertise. Using PaaS will allow you to “outsource” your operating system hardening and security maintenance. I’ve spoken in the past about the differences between IaaS and PaaS, but with the rise of working from home in the past year and a shortage of skilled security specialists (and those that do exist are often overburdened with an increased workload managing new work-from-home security concerns), the benefits of a PaaS provider expertise start to become all the more important.

By picking PaaS options, (Indeed, SaaS options gain many of these benefits, too.) you can safely overload a lot of the burden for securing your cloud services since a lot of the underlying infrastructure is secured and managed by your cloud provider. This doesn’t mean you get a free pass on not assessing the security of the implementations, but it can significantly reduce the workload whilst reducing the risk of costly downtime as cloud providers manage aspects of your configuration.

Standards Bodies and Community Organizations

Moving (Read more...)