Let's Talk About Cloud Security
Some things about how security should be done in the cloud are certainly new. The goals and principles remain the same, but there are a number of new considerations to take into account: the fact that a number of aspects of the infrastructure are no longer within your control calls for a whole new approach to cloud security. The cloud brings a whole new set of challenges and risks, but nonetheless the essence remains the same. Cloud security is made up of various pieces and parts, ranging from IAM (Identity and Access Management) to storage security, network security, and other areas such as DDoS (distributed denial of service) threats, intrusion detection systems, API security, etc. Just as the cloud brings a new set of capabilities and advantages, it also brings new frontiers of threats. These require that we be more agile, i.e. learn fast from incidents, both internal and external, and adapt fast, while also moving slowly enough to absorb and observe changes, so that the impact is minimal in case of damage or where we find that our response wasn't the most appropriate.
Zero Trust Based Model
The security landscape is vast: a single architecture can have so many points of failure and risk that IAM alone requires a substantial security approach. Identity and Access Management is based on identifying a user and limiting that user's access to only the resources they need and to what they can do with such a resource, such as view only, edit/execute, create, delete, etc. We can go even further and restrict from where and when a user can access a resource. Azure's PIM (Privileged Identity Management) serves just this. A common case is that a request from an external source would most likely not be trusted, while one from an internal network would be trusted. In the zero trust based model, instead, all requests from within the network must be authenticated, and access is only allowed based on the roles assigned to such devices or resources within the network. This protects in incidents such as when a network has been infiltrated and a device has been compromised; it helps prevent situations in which a threat crawls to other parts of the network or gains elevated privileges.
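The following Python example is added here and is not from the original post; it contrasts the perimeter decision with the zero trust decision described above, including the what, where and when restrictions. The identities, role names, address ranges and hours are assumptions made up for the example.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed sample policy: all names, ranges and hours are illustrative.
INTERNAL_NET = ip_network("10.0.0.0/8")

@dataclass(frozen=True)
class Grant:
    resource: str
    actions: frozenset   # what may be done: view, edit, create, delete
    source: object       # network the caller must connect from ("where")
    start: time          # access window ("when")
    end: time

ROLE_GRANTS = {
    "billing-reader": [Grant("billing-db", frozenset({"view"}),
                             ip_network("10.1.0.0/16"), time(8), time(18))],
}
ASSIGNMENTS = {"alice": ["billing-reader"], "build-agent-07": []}

@dataclass(frozen=True)
class Request:
    identity: Optional[str]  # verified identity, None if unauthenticated
    source_ip: str
    resource: str
    action: str
    at: time

def perimeter_allows(req: Request) -> bool:
    """Perimeter model: any request from the internal network is trusted."""
    return ip_address(req.source_ip) in INTERNAL_NET

def zero_trust_allows(req: Request) -> bool:
    """Zero trust: authenticate every request, then check role grants."""
    if req.identity is None:
        return False  # internal origin earns no trust on its own
    src = ip_address(req.source_ip)
    for role in ASSIGNMENTS.get(req.identity, []):
        for g in ROLE_GRANTS.get(role, []):
            if (g.resource == req.resource and req.action in g.actions
                    and src in g.source and g.start <= req.at <= g.end):
                return True
    return False  # default deny

# Constructed request: a compromised internal host with no valid credential.
LATERAL = Request(None, "10.9.4.20", "billing-db", "view", time(10, 30))
```

The `LATERAL` request passes the perimeter check because of its source address alone, while the zero trust check denies it; the same default deny applies to an authenticated identity acting outside its role, network or time window.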
For opinions and suggestions, reach me at: