Q&
EDITOR’S
lM
I
as
ri,
S
st
Ea
r M
dle
ana
d
i
M
ger C
hannel, Nutanix –
t is a well-established fact an increasing
number of enterprises across the globe are
embracing cloud computing. Whether an
enterprise is using a public, private or hybrid
cloud model, cloud security is unquestionably
one of the most significant concerns.
Finding the right cloud provider(s) is not
the easiest undertaking. It is important that
you assess your list of potential providers
for critical proactive and reactive capabilities
across assorted storage mediums. Broadly
speaking, cloud providers are accountable
for the security inside their infrastructure.
They provide organisations with some of
50
BASSAM ALMASRI, SR MANAGER
CHANNEL, NUTANIX – MIDDLE EAST
the capabilities you need in order to protect
your data while it’s in their infrastructure.
Some enterprises incorrectly assume,
however, that the job of securing their data
and workloads present on the cloud is the
responsibility of cloud service providers.
Your providers’ obligations are restricted to
what is detailed in their contracted service-
level agreement.
The other thing you must not overlook
is that they offer you tooling and resources
to help you construct and keep up a secure
system solely within their infrastructure.
Multi-cloud environments are not included
in their purview. In addition, data retention,
security, and resilience remain the
responsibility of users only. Which means
that cloud security responsibilities are as
much your job as they are your providers.
How can you be sure that your security
and compliance standards will be met
before you move workloads and data to a
public cloud?
Take a cloud security-first approach
First things first, take a security-first
approach that achieves a state of continuous
cloud compliance. This will lower costs,
minimise risks and reduce the complexity
of cloud operations. A security-first model
maintains continuous monitoring and
management of cloud security risks and
threats, leveraging tools and automation that:
Monitors security threats through real-
time discovery
Understands security threats through
deep insights
Acts on threats through automated
policies, processes, and controls
Measures security and compliance results
with robust reporting capabilities
Consider the platform
In a security-first approach, you need a
multi-cloud platform that continuously
monitors and manages cloud security
against your set policies and compliance
standards, providing:
A complete and unified view of all
cloud accounts
Generation of regular compliance reports
Identification, prioritisation and
remediation of compliance risks
End-to-end lifecycle compliance monitoring
Audit reports that demonstrate
round-the-clock security management
and compliance
In addition, the top 10 cloud security
trends that users must be aware of for
success in 2019 are: access management;
data security; infrastructure security;
microservices security; threat management;
vulnerability management; secure SDLC;
logging and auditing; incident response;
and compliance.