Intelligent CIO APAC Issue 03 | Page 82

FINAL WORD

Beware – excessive permissions are the number one cloud threat

Eyal Arazi, of Radware, discusses the major security threats that come with migrating workloads to public cloud environments.

Migrating workloads to public cloud environments opens up organizations to a slate of new, cloud-native attack vectors which did not exist in the world of premise-based data centers. In this new environment, workload security is defined by which users have access to a business’s cloud environment and what permissions they have. As a result, protecting against excessive permissions, and quickly responding when those permissions are abused, becomes the number one priority for security administrators.
Traditionally, computing workloads resided within the organization’s data centers, where they were protected against insider threats. Application protection was focused primarily on perimeter protection, through mechanisms such as firewalls, IPS/IDS, WAF and DDoS protection, secure gateways, etc.
However, moving workloads to the cloud has led organizations (and IT admins) to lose direct physical control over their workloads and relinquish many aspects of security through the shared responsibility model.
As a result, the insider of the old, premise-based world is suddenly an outsider in the new world of publicly hosted cloud workloads.
IT administrators and hackers now have identical access to publicly hosted workloads, using standard connection methods, protocols and public APIs. As a result, the whole world becomes an insider threat.
Workload security, therefore, is defined by the people who can access those workloads, and the permissions they have.
One of the primary reasons for migrating to the cloud is speeding up time-to-market and business processes. As a result, cloud environments make it very easy to spin up new resources and grant wide-ranging permissions, and very difficult to keep track of who has them, and what permissions they actually use.