*As featured on Tripwire.com - January 7, 2020
In some ways, the cloud has made security management easier, as many cloud providers have taken the responsibilities traditionally associated with local server management out of your hands. But in other ways, the security management conversation has become more confusing for decision makers, as “cloud” is a very broadly defined term and could speak to a variety of different technology ecosystems with their own security considerations. To top it off, many of the people who must ultimately make the decision about what kind of cloud solution is being utilized by their business don’t necessarily understand the security management ramifications of that decision.
For a local infrastructure, malware considerations were baked into the experience of owning your own equipment. The assumption had to be that you were responsible for the protection of your system and avoiding malware, which is perhaps clarifying from a responsibility standpoint but difficult from a management standpoint. So, by extension, a shift to the cloud is particularly attractive to those who are looking to simplify their management experience and reduce their risk.
But once you are utilizing the cloud, do you really know where those security lines are drawn? I think this requires us to take a step back and think of the nature of what kinds of services these third-party cloud providers are delivering to your business, so we need to understand the difference between cloud solutions.
GET THE FULL ARTICLE AT TRIPWIRE.COM: