Cloud will require a brand new security architecture expert at Help AG say
Help AG creates a Cloud Security Blueprint, with own experience as model
The last few years have seen a dramatic shift in cloud uptake in the region, with customers moving from an affirmative “no” to a “maybe” and then a definite “yes” within the space of a few years.
For security service providers such as Help AG, this meant having to adapt to support customers with an increasing appetite for cloud. And this required creating a brand new architecture for securing cloud workloads, says Nicolai Solling, CTO at Help AG.
There are fundamental challenges with cloud platforms, Solling observes. The first one is the obvious loss of control of data and corporate IT assets. Second are the numerous technical issues because cloud fundamentally changes the way security is handled.
Cloud also changes how cybercriminals operate, Solling says. Granted, Saas platforms, especially the major ones such as Office 365, are fundamentally secure. But cyber attackers are not deterred by this-they simply switch to a different attack model.
This led Help AG to create a Cloud Security Blueprint, built from scratch.
The blueprint is based upon Help AG’S own experience in moving to the cloud, Solling says. “Like any other organisation, we are heavy users of IT ourselves and we face the same security challenges. When it was our own turn to adopt cloud services, we identified key challenges that come with securing cloud architectures, which led us to develop relevant technical solutions for that,” Solling explains.
Help AG had to tackle three challeng- es: The first challenge is that the identity of the user is under increasing pressure than ever before. When faced with a relatively secure architecture such as cloud, the default option is to go for the weakest line - the end user.
The other challenge is how to secure endpoints that have to ultimately communicate with cloud platforms. The third aspect of the blueprint is confidentiality and control of data. Moving to the cloud means putting data onto third-party environments. But wherever that data sits, the organisation still needs technical control of the confidentiality of that data.
“The end result is a set of technology tools and capabilities that provides Help AG with visibility around cloud and the vulnerabilities therein, and then, depending on whether it’s a Saas or an Iaas or Paas, the kind of approach that is required,” Solling says.
Wherever data sits, IT still needs control, Solling says.