Cloud security: What it is and how it works

Cloud security is the practice of securing data, applications, and infrastructure involved in cloud computing. While the concepts of cloud security closely resemble that of on-premise IT architecture (you must be able to monitor, detect, and respond to threats), the dynamic and externally hosted nature of cloud computing compels many organizations to adopt cloud-specific security strategies.
The Amazon effect on
cloud security
Your role in
cloud security
security practices
IronNet for
cloud security

The Amazon effect on
cloud security

Cloud computing — and by extension, cloud security — can be traced back to Amazon. In the early 2000s, the online retailer faced a common problem among e-commerce sites: it needed server capacity to handle peaks in holiday shopping.

As the story goes, Amazon bought the faster servers and began renting unused capacity during off-peak times as a way to generate revenue during periods when they did not need the compute capacity. Flash forward to today, and Amazon Web Services (AWS) has grown into the largest and most successful cloud infrastructure in the world.

Just as robbers rob banks because that’s where the money is, cyber criminals now look to the cloud to steal information because that is where data resides. Yet, unlike on-premise security, where you have the comfort of implementing security controls on your company’s network and devices that you own to keep people out of systems, information in the cloud feels both everywhere and nowhere, adding a layer of abstraction to how you should protect your enterprise.

But in reality, the concept of securing the cloud isn’t much different from securing internal IT environments. The same guidelines apply: You must be able to determine who’s coming in, who can go where, and whether users are doing what they’re supposed to be doing.

For a compelling deep dive of this Amazon effect, see “Amazon Enters the Cloud Computing Business” from Stanford University in 2008.

Securing expansion
to the cloud

Relying on IronNet as a strategic partner as it begins its journey to the cloud, one premier global financial services institution looks to cyber analytics to contain risk and protect its well-known Fortune 500 reputation.

Your role in cloud security

A common misconception with cloud security is that cloud service providers are responsible for security. That’s simply not the case. A good rule of thumb is while cloud providers are responsible for security of the cloud, companies must secure what’s in the cloud.

To put it another way, cloud security is a shared responsibility. And as many in the security community put it, your responsibilities vary by your cloud service model, whether software-as-a-service (SaaS), platform-as-a-service (PaaS),
or infrastructure-as-a-service (IaaS).

An enterprise's role in cloud security
The responsibility parameters for customers to secure:

Their data and user access for
Their data, user access, and applications for

Their data, user access, applications, operating systems,
and virtual network traffic for Infrastructure-as-a-service

To learn more:

IronNet whitepaper: As remote workforces settle in for the long haul, do you Lose Network Security Visibility or Crush Your VPN?

How do behavioral analytics work to strengthen cybersecurity? Learn more in our “AI: Hype or High Priority?” white paper.

Cloud security practices

Now that you understand the basics of what aspects of the cloud you’re responsible for securing, how can you secure them? The good news is that the fundamentals of cloud security best practices closely resemble that of on-premise IT architecture security. You’ll want:

Identity and access management:
These are policies and technologies designed to ensure that employees have the secure and appropriate access to technology resources.

Logging and
These tools help you audit, monitor, and log potential security threats. This is particularly important when running cloud-based applications such as Salesforce or Office 365.
Network detection and response;
NDR platforms enable organizations to monitor virtual network traffic for malicious actors and suspicious behavior, and respond to the detection of cyber threats in the cloud and internal networks. This is especially important for IaaS environments where you are responsible for more elements of security.
It’s important to note that network security is fundamental in cloud, on-premise, and hybrid environments. As the Cloud Security Alliance notes in its Critical Security Guidance for Critical Areas of Focus in Cloud Computing v4.0, “Providers must maintain the core security of the physical/traditional networks that the platform is built on. A security failure at the root network will likely compromise the security of all customers. And this security must be managed for arbitrary communications and multiple tenants, some of which must be considered adversarial.”

Fortress Cyber Security Award

For the second consecutive year, IronNet won a Fortress Cyber Security Award in the Public & Private Cloud category for IronDome. The award recognizes the world’s leading companies and products that are working to keep our data and digital assets safe.

IronNet for cloud security

For comprehensive cloud security, IronNet’s Collective Defense platform builds a dynamic, comprehensive picture of the threat environment, much like radar for cyberspace, based on real-time, anonymized alert correlation across any participating member environments. This approach provides visibility into what’s in the cloud, who’s in the cloud, and what’s happening in the cloud.

IronDefense is the industry’s only NDR platform for hybrid cloud networks. It applies proven behavioral analysis techniques and industry-leading packet-level cyber hunt interface to increase visibility to public cloud assets, data and workloads and to detect threats targeting virtual private networks or applications in the cloud that evade traditional cyber security tools. IronDefense NDR allows you to find stealthy threats that evade traditional cybersecurity tools. So IronDefense analyzes network traffic across any number of cloud and on-premise enterprise networks.
IronNet’s Collective Defense platform, powered by IronDome, allows organizations of all sizes to share threat data anonymously, at network speed, to increase visibility into incoming cyber attacks. The key here is obtaining real-time visibility and threat intelligence across an industry to threats targeting public cloud applications and environments.
IronNet-Cloud-Cloud Insecurity Thumbnail

Comprehensive cloud security

IronNet’s network detection and response solution driven by behavioral analytics enables you to see the truth in the network traffic. With AWS and Azure integrations, for example, IronDefense can access cloud logs to detect and analyze threats and provide anonymous, correlated context that no single enterprise would have on its own.

See IronNet’s AWS and Azure marketplace listings to learn more on IronNet for cloud security.