Bookmark and Share

Creating a Secure Cloud Infrastructure

Vladimir Svidesskis and his roundtable began by discussing due diligence procedures for securing a cloud infrastructure. First, security teams can implement their cloud infrastructure by anchoring it onto a framework. Second, they can report all progress to the board and executive leadership. Finally, they can enact continuous and dynamic assessments of their cloud infrastructure as things change. There are aspects about the cloud that unsettle people, but the basics are still the basics for establishing an infrastructure. However, there are both advantages and disadvantages to the cloud. Enterprises will have to consider things like bandwidth in the global arena, compliance and GDPR, audits and reviews, and multiple third-party cloud service providers (CSPs) and their consistency. In vetting third-party CSPs, enterprises will need to examine their longevity, experience, and certifications. If enterprises want to address certain security vulnerabilities with the cloud, it will depend on the platform and how much visibility they have, something they will want to keep in mind when negotiating a contract for cloud services. As for any old legacy programs still in effect, it’s time to lift and shift them to the cloud in silo.