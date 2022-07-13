Technology How to achieve cloud security and resilience

By LLOYD OANDAH

Since the dawn of the Internet, digital transformation across the globe has rapidly grown and has been greatly accelerated in the wake of the recent covid19 pandemic. Organisations have been forced to better leverage technology to facilitate an agile workforce and effectively extend services to customers.

Considering the negative economic impact of the pandemic, organisations have also had to do more, with less. The cloud suddenly seemed to offer the perfect solution to many organisation’s digital challenges.

In East Africa, cloud adoption had been on a steady rise in the past decade mainly owing to development of digital infrastructure and gradual elimination of various.

Anew challenge has however emerged. Advanced persistent cyber-attacks are now prevalent in Kenya, East Africa, and Africa. Organisations face the risk of revenue loss from service outages, breach of compliance, legal penalties and huge reputational & financial damage all resulting from a successful breach.

Three key initiatives to facilitate secure cloud adoption

Internal IT teams require the skills and understanding to allow them to manage the various cloud environments, the shared security responsibility implications for the various cloud consumption models, as well as the necessary security capabilities to effectively secure cloud workloads.

Through adopting a few initiatives, you can achieve secure cloud adoption while minimizing risk, facilitating digital trust, and primarily maintaining quality customer digital experience.

1 Mature your security posture to match the new normal

Initiate a high-level cybersecurity assessment, guided by best practices and modern principles such as Zero Trust and driven by the business objectives.

The assessment helps identify risks within your cloud environment and maps high-level security vulnerabilities and capabilities aimed at mitigating the identified risks to the business but also highlighting how the proposed security controls can be best integrated in a manner that is relevant to your digital environment and business process flows.

Key security capabilities that cut across all organisations utilising any cloud service include: Effective identity and access management providing user trust with multifactor authentication and privilege access fortified with real time user access monitoring to ensure user trust is maintained; Micro segmentation with inline Intrusion Prevention System (IPS) and behavioural detection capabilities to limit attacker lateral movement and ensure least privilege access is maintained at the network level.

2 Secure and optimised ubiquitous cloud access

It is well known that you cannot effectively protect what you cannot see. The key imperative for any organisation is to be able to achieve their objectives by getting the most out of their investment into technology and innovation in a secure and ethical manner.

To meet these objectives, here are some cloud native security architectures that are optimized for hybrid environments: Secure cloud access with Secure =Access Services Edge (SASE) delivering a modular, platform based, and cloud native security platform that combines a comprehensive set of cloud-based security capabilities such as DNS Security, Secure Web gateways, Next Generation firewall, Cloud Access Security Broker (CASB), and Cloud Security Posture Management (CSPM) all integrated with Identity and Access Management capabilities seamlessly securing access to cloud workloads from the corporate branch edge and remote mobile endpoints.

3 Secure internet access and managed security services

Major Internet Service Providers (ISPs) provide connectivity for multiple organizations, a significant portion of which are small to medium enterprises with limited security budgets. However, they must still deal with the same level of risks and cybersecurity threats that impact larger enterprises.

To secure these internet connections at an affordable cost, security services can be bundled with internet connectivity services delivering capabilities such as next gen firewall/IPS, DNS security, and secure web access that is delivered as managed platform at an affordable subscription based monthly cost. This extends effective security services to organizations with limited security budgets.

Lloyd is Technical Solution Architect, Intelligent Security at Dimension Data East, and West Africa