Be the first to like this
We know that "the enemy's gate is down." Many of us know the lessons from Vauban. We draw our computer security metaphors from the physical world, and it mostly works. Traditional security analogies talk about defense-in-depth, locks & surveillance, active defense, mitigation & response, and many other clever comparisons. Then came the cloud. While it's true that security fundamentals still apply, several things dramatically change when defense moves into the cloud.
Scale - A single IT admin can reasonably expect to manage between 100 and 250 physical assets. We expect cloud admins to scale up to 25,000 instances and beyond. The same scale that makes using the cloud attractive for business makes managing the cloud a Gordian Knot. Think about that scale in terms of security alerts, real and false positives.
Control - We can simply go over and troubleshoot in safe mode when an on-prem asset misbehaves. When the cloud instance misbehaves, the cloud provider might just reboot it for you. Even worse, your asset might get rebooted if somebody else on the same hardware misbehaves. Cloud providers give a different granularity of control.
Transience - This represents the biggest paradigm shift for the cloud. Where previous admins bragged about uptime, long-running servers become a liability in the cloud. Attackers can surround an asset, only to find the asset has disappeared. That idea sounds like a nightmare for most admins too, but the right tooling and mindset turns it into a strength.
We can leverage scale, control and transience away from liabilities and into strengths. Traditional physical defense metaphors do not capture the paradigm shift, so we need to make sure we abandon those when appropriate. Cloud security is different.
Delivered at SOURCE Conference Boston 2016 on May 18, 2016