Over the past several years, many organisations have begun transitioning to cloud-based security services. How to secure them is an ongoing challenge.
By shifting into more platform as a service (PaaS) and infrastructure as a service (IaaS) workloads and services, many aspects of IT operations, architecture, and security are changing significantly.
This shift is leading to the development of hybridcloud networks, requiring network engineering and security architecture teams to look at new controls and methods for developing and implementing network security practices in their environments.
As cloud services mature, however, there are more capable network security controls, platforms, and services that teams can employ to build and maintain robust network security architectures for a layered defense. Leading cloud service providers now offer highly capable cloud-native security controls, and third-party solution providers have adapted most network security platforms and services to cloud environments. Enterprises now have even more options for building secure network designs for hybrid and public cloud deployments.
In a modern hybrid-cloud model with routing and connectivity between data centers, branch offices, and cloud providers, most organizations are employing a layered defence model that includes cloud-native network access controls within the cloud service environments.
This includes network traffic capture and security monitoring capabilities, and third-party platforms and services that can help to augment and centralise network security functions. Although there is no single network security architecture that works for all organisations, there are more options than ever for implementing a mature network security stack for cloud operations.
The solution
As organisations look to embrace more secure cloud-native and cloud-compatible connectivity and detection/response capabilities, it may make sense to review existing perimeter security technologies and consider a shift to a new combined option known as secure access service edge (SASE), which brings these capabilities and more together under a single provider.
Find out more about SASE
This guide from Amazon Web Services (AWS) whitepaper series in partnership with the SANS Institute, explores the rationale behind adopting SASE.
Security experts detail the critical design criteria for implementation and address operational challenges and optimisation strategies.
More in Cloud Security
View white paper
Thousands of policies to consider, while only a few are enforced.
How the cloud has become an extension of your attack surface, and how to secure it.
Expert insights from Barracuda’s security frontline.
Why incremental cyber security fixes don’t work.
Efficiently empower defenders and disarm intruders.
How to create a truly agile and secure M365 environment.
Simplify management of your users' devices.
IDC research paper into the business case.
Best-in-class devices. Zero touch provisioning.
Three ways Microsoft Surface is an ideal platform for retail digital transformation.
Share this story
Reading Progress
