The key challenge in cloud security from a security governance point of view is visibility. Without total visibility of your cloud environment, it’s impossible to identify what threats to cloud security exist, create governance policies to mitigate the threats, or monitor compliance with governance policies.
Although visibility is a key element of cost control and performance optimization in the cloud, it’s sometimes possible to keep costs under control and maintain an acceptable level of performance without it. In a worst-case scenario, you’ll spend more money than you need to and experience performance inefficiencies. That’s not the case when it comes to cloud security governance.
For cloud security governance to be effective, businesses have to be aware of all the threats to their cloud security. Just one gap in visibility can lead to all manner of security issues being overlooked, from data breaches to account hijacking. Compared to the worst-case scenarios for cost control and performance optimization, the consequences of ineffective security governance can be devastating.
Yet many businesses find getting total visibility over their cloud environments a challenge. A recent survey (PDF) found that most businesses have very low visibility into their cloud environments, and that the low level of visibility results in the inability to document regulatory compliance, delays in identifying and responding to security threats, and issues resolving security alerts from monitoring solutions.
Using the CloudHealth platform for effective security governance
The CloudHealth cloud management platform combines data from all the services and tools used by your business to give you a holistic single-pane view of your cloud environment and its ecosystem. Using this information, CloudHealth produces a Health Check Report that alerts you to issues with your security risk exposure and makes recommendations for resolving them.
With the depth of information collected by the platform, it’s a simple process to identify how these issues arose in the first place so your security governance team can create policies to prevent them from occurring in the future. It’s then a matter of configuring CloudHealth to monitor compliance with the policies and take a predefined action when a policy violation occurs.
The predefined actions can relate to the seriousness of the policy violation. For example, if a password policy is not being complied with, the account holder can be sent a gentle reminder. If a Security Group has too many rules, the group administration can be alerted to the potential complexity; or, if a storage volume contains unencrypted data, the platform can initiate a function to encrypt the data.
More serious policy violations can result in assets being terminated or user access being revoked. Events that might lead to these predefined actions include assets being launched in non-compliant regions, a larger-than-usual number of assets being launched outside regular working hours, or suspicious log-ins from previously unused IP addresses (an indication a user’s log-in credentials have been compromised).