Ik hoor vaak dat cloudgebaseerde beveiligingsoplossingen alle beveiligingszorgen wegnemen. Maar het simpele feit is dat een totaaloplossing niet bestaat. Waarom? Omdat de domeinen simpelweg te divers zijn om met één oplossing aan te pakken.
We selecteren hier interessante artikelen uit het internationale netwerk van onze uitgever IDG.
If you try to push the same security solution across all workloads, you'll find it doesn't work across them all -- and that's if you're lucky. If you're not lucky, you won't know until it's too late where the solution doesn't work.
Your applications are built with very different programming engines, databases, and middleware, and all those attributes help determine the type of security solution you should use. That brings in (necessary) complexity, which makes using "standard" security tools and processes an impossibility most of the time.
Also, compliance requirements differ vastly across companies and systems. People who are in health care understand this only too well, as do those in finance. Even organizations that do not have to deal with strict regulation may find that the "security solution in a box" misses things that can cause problem later, including how it deals with personally identifiable information and other regulated data.
Today's best model for security includes the use of identity and access management (IAM), which is based largely on the requirements of the workloads. IAM systems are very configurable, so they can be different things to different cloud workloads. That's a good thing, but it means you'll have to do a lot of customizing because nothing will work out of the box.
It's not all bad news. There are standard security configurations that you can use around similar workloads. But you must understand the problem and solutions patterns, then try to find some commonality to have any realistic hopes of applying a "standard" or "out of the box" security solution to that subset.
You should expect to deal with dozens of security tools and models to get security right for your cloud projects -- just as you should for your on-premises technologies. There's no free lunch.