Strategy: Cloud Security Monitoring
How to Spot Trouble in the Cloud
Corporate decision makers are clamoring for the cloud because the benefits can be compelling: Economies of scale made possible by virtualization allow hosting providers to offer attractive savings over traditional data centers; on-demand services let companies throttle expenditures based on changing needs, such as busy retail seasons; new business initiatives can be spun up without heavy capital investment and IT resources.
All too often, however, security is an afterthought to cost savings, flexibility and convenience. The CISO and other security professionals may be the last to know they’re now responsible for sensitive data living in the cloud. Unfortunately, they’re also the ones left holding the bag when there’s a security incident. Why didn’t they prevent the exposure? Why didn’t the firewall they implemented protect against the attack? Why weren’t the systems being monitored?
The problem is that enterprises are flying blind unless they adapt their security monitoring, incident response and digital forensic policies and procedures to the cloud. In this report, we examine how the different cloud computing architectures impact visibility into IT operations and activities—especially security—and how to adapt enterprise practices to maintain a high level of security in cloud environments. (S2970611)