Cloud Native Security: A Blue Ocean

Cloud Native Security: A Blue Ocean
Author: Anup Deb, Palo Alto Networks
Date Published: 23 October 2020

Digital transformation is driving massive workloads across to the cloud as organizations move beyond a traditional brick and mortar model. Cloud provides the flexibility to execute at speed, time to market and embrace change in the digital landscape. Cloud native application not only carries a competitive edge but is a foundational strategy for organizations to drive operational efficiency, reduce cost and improve agility. Cloud is modernizing the software development lifecycle.

The unrelenting adoption of cloud native application is not only disrupting the market, but the nuances of the change have opened up a serious challenge in defining our network security and overall security requirements. Our security posture around deployment of cloud native applications requires holistic changes as there are deep disparities across the growing architecture. Allow me to illustrate the challenges in the current environment:

1) The challenges organizations face today are restructuring security policies, aligning them to business objectives facilitated by cloud-driven applications. Insufficient visibility of the assets and inventory is a severe constraint.

2) The increasing demand for compliance around regulatory data protection, privacy requirements, industry-led compliances and country laws in response to the growth of digital business means that a comprehensive approach is needed to help secure data in the cloud to defend from unauthorized access, vulnerability or theft.

3) The requirements for implementing DevSecOps, both for applications and cloud configurations, is a challenge. Additionally, there is complexity of application delivery to scale, securing containerization, native cloud delivery and orchestration demands across micro-services running in a multi-hybrid cloud environment.

4) Threats are outpacing security controls across hybrid multi-cloud environments as adversaries leverage the expanding threat landscape, taking advantage of the vulnerability and exposure across the cloud resources.

Managing security within a cloud environment can be complex, as it requires complete coverage for the entire cloud native technology stack, applications and data throughout the entire application lifecycle and across multi- and hybrid clouds. Organizations require adopting a comprehensive strategy that encompasses the following:

Cloud Security Posture Management: The first step to establishing a strong security posture is gaining deep contextual visibility with the ability to have insight into all cloud assets and resources, along with their security and compliance posture. It is important to have visibility into the asset inventory, including resources. Once you know what you have, organizations will have the visibility, compliance and governance to build and enforce customizable governance policies that keep them cloud compliant across both internal and external standards.

Cloud Workload Protection: Cloud is modernizing the software development lifecycle. The evolution of DevOps perhaps determines the most critical aspect of defining what shift-left means and automating security via CI/CD integration. The cloud native landscape is growing, with enterprises bringing in new technologies and levels of abstraction. Monolithic applications are being decomposed to microservices for rapid deployment and management. The relentless pace of moving from batch processing to continuous application releases has become a necessity. This demands priority to secure hosts, containers and virtual machines across the application lifecycle. The choice for different form factors in the cloud provides unique benefits to enterprises and thus have different security requirements. The other challenge is for web application and API security to protect front-end apps and APIs. Organizations must provision technologies for securing any cloud native workload, throughout the development lifecycle applying automated machine learning platform for DevOps and SecOps teams to collaborate and effectively deliver an integrated software lifecycle.

Cloud Network Security: Gain network visibility and enforce identity-based micro-segmentation to contain lateral attacks at the container and host levels with layer 4 and layer 7 distributed firewalls. Segmentation of cloud networks and deploying policies based on logical workload and application identities significantly helps to secure boundaries. Network protection for cloud native environments enforces consistent policies across multi-hybrid environments and the ability to detect and prevent network anomalies by enforcing container-level micro-segmentation, observing traffic flow logs, and leveraging advanced cloud native layer 7 threat prevention.

Cloud Infrastructure Entitlement Management: Managing privileged users and  enforcing least privilege access through automation is an important step to secure and manage the relationships between users and cloud resources. This helps to drive identity access management governance policies across a hybrid multi-cloud environment. Access to an ever-expanding set of sensitive resources can be challenging. Enforce strong identity and access management permissions and secure identities across workloads that will analyze the behavior of cloud users and resources to detect and prevent anomalous behavior, such as an admin logging in from an unknown location or a container accessing a file it should not be able to access.

As more and more workloads transition to the cloud, combining the power of AI and automation will go a long way for both DevOps and security teams to build a robust cloud security strategy.

About the author: Anup Deb leads the Managed Detection Response Practice for Palo Alto Networks in Asia Pacific and Japan region. Anup comes with over two decades of experience in the Information Technology and cybersecurity industry. Anup has specialized in Cybersecurity - Risk and Compliance domain and in Incident Response. Beside specializing in cybersecurity, Anup has rich experience in consulting, sales and alliance management functions. Anup has worked in leading Information Technology companies including IBM, HP, Orange Business Services, Wipro, HCL and a few startups. With over two decades of Industry experience, Anup has been an eminent speaker at industry events and conferences across the region. An active writer/blogger, his writings and research papers are often published in journals of repute. Anup possesses outstanding communication and presentation skills and has been graced with numerous professional awards. Anup is also an active ISACA member.