Security continues to be one of the top concerns for 90 percent of our clients adopting cloud. It’s further intensified with 75 percent of the clients embracing a multicloud deployment model.
Cloud introduces a decentralized model that makes managing policies and keeping up with changing regulatory mandates challenging. In addition, cloud introduces additional risks, misconfigurations and architecture complexities. With limited resources, clients are looking for clarity on the shared responsibility model to protect critical data, demonstrate compliance and manage threats.
AWS has made significant strides to provide comprehensive security capabilities to help clients overcome the challenges of cloud adoption. For example, AWS cloud security includes infrastructure and services to prevent, detect, respond and remediate in an evolving compliance and threat landscape.
However, clients are still responsible for overall compliance and security for their hybrid cloud enterprise. They need to manage policies and enable visibility across their distributed environments of on-premises and cloud. For that reason, AWS recommends that its clients follow a shared responsibility model.
Whether clients embrace hybrid, multicloud environments or only AWS, we need to think about cloud security as a program that is part of the overall enterprise security. The following figure provides a set of guiding principles for hybrid cloud security and compliance to mitigate risk.
Figure 1: The building blocks of hybrid, multicloud security
The three focus areas to highlight are:
People: Enable skilled individuals working across multiple teams and cultures to collaborate
Processes: Develop workflows that span several vendor capabilities, security domains and teams
Technology: Leverage operational tools for comprehensive visibility and management of ..
Support the originator by clicking the read the rest link below.
