Securing the Cloud
Securing the Cloud – Is the Cloud secure?
This is a question that every organisation is asking itself. Depending on where you sit, the answer will differ greatly. What is certain though, is that cloud security is not a single product or person but an overall approach and a high level of diligence.
‘Cloud Security is not a single product’
At Oreta, we have a strong partnership with Google. Their approach to security is second to none. The approach of “zero trust” puts an emphasis on ensuring every user is authorised appropriately. GCP carries multiple certifications including recently being awarded IRAP which now allows it to run government workloads. While this ensure that the underlying platform is secure and ready for use, your overall security posture is very much reliant on organisations implementing correctly and taking overall ownership of security for their organisation.
Hybrid Cloud Security - Does that sound complex to you?
Most organisations are operating from multiple locations and with a mix of public cloud and on-premise requirements. This means their overall security requirement is well and truly beyond what Google may offer for GCP. There is also the existing investment that has been made with security vendors to consider. To simplify this, integration options between existing investments and cloud providers is crucial.
Palo Alto Networks has been the leading IT security vendor for years. Their products and commitment to analysing security threats is unmatched. This end-to-end security platform can now be extended to public cloud. Services such as Global Protect will now support your GCP environment as it does the rest of your environment. GCP can also become the central location for all monitoring of security threats for services such as VM-Series, traps and Redlock.
These services will also be integrated into GCP’s Cloud Security Command Centre which is in beta. This centralised console gives your all the visibility and control without needing to move between different consoles, elevating your overall security posture even further.
Redlock will now allow you to continually ensure your overall GCP environment meets your compliance and security posture in line with the rest of your organisation. VM-Series also provides application aligned threat protection for GCP instances. Without this level of integration, you would need to manage multiple instances via multiple consoles which any security expert will tell you is fraught with danger.
As with most things security and cloud oriented, having the appropriate skills and understanding is key to success. We have certified Palo Alto and Google Cloud Platform Architects who can assist in the design and implementation of these new services. We design for delivering secure business outcomes. This means not designing with just security in mind but with the goals of the business.
For more information, click here and we can connect you to someone who can help