Do Traditional Security Tools Fail in the Cloud? [Video]
The cloud is a different animal. It's fluid and ever-changing — not entirely suited for usual security measures. See what problems cloud migration poses to security.
Join the DZone community and get the full member experience.Join For Free
“Traditional models rely on assets being generally fixed, not changing very often,” said Alex Wood (@abwoodrow), CISO, Pulte Financial Services. “Having that reliance on things being fixed doesn’t always work out with the traditional tools.”
When it comes to the cloud, traditional security tools are at risk of failing. The concept of what they’re trying to do works, it’s just given the dynamic and non-static nature of the cloud, it just doesn’t work the way it’s implemented.
“I think most people think they can take the traditional applications that they have, pick them up, and forklift them into the cloud. If you do then you’re still relying on the architecture that you had in the non-cloud environment, trusting that east-west traffic,” said Wood. “But if you architect correctly, giving least privilege to the hosts, only allowing the traffic that is supposed to be allowed, then you can cut down on that illegitimate east-west traffic.”
The success of securing that east-west data requires letting security ride alongside server deployments.
“In a cloud environment, you’re traditionally scripting these kinds of deployments so in a traditional environment it would be tough to do that meaning you’d have to manage firewall rules. Automating this through a cloud deployment, you can build that into the deployment so you’re automatically getting that security built in,” said Wood.
Published at DZone with permission of Shaane Syed, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.