Gartner predicts that global spending on public cloud services will grow from $155B this year to $210B in 2016. The forces driving enterprise IT to the cloud are faster deployment and easier management, which translate in the end to less cost. But at the same time, cloud deployment is significantly increasing security and compliance risk because security solutions have not kept up – leaving high value assets seriously exposed.
So what are some of the security gaps exposed by this cloudification of the data center?
• Multi-tenant environments create new risks because you suffer if your “neighbor” gets compromised . . . like in the MongoHQ case we analyzedhere.
• In many enterprises, users are circumventing IT and turning on cloud services without any controls. This “Shadow IT” significantly increases security risk and undermines compliance programs as sensitive or regulated data often ends up in the cloud without the knowledge of IT.
• Moving corporate applications to the cloud opens what used to be highly sensitive, internally facing applications to the entire Internet. That’s the point of using the cloud…your users can access your applications from anywhere. But doing that increases the attack surface of your “internal” applications, which increases risk.
• Most cloud providers do have controls in place to protect the underlying service, but they often deploy end user controls to the least common denominator to avoid disrupting user access.
What can you do?
Most organizations have a mix of on-premise and cloud solutions. Further, the cloud itself has many different deployment models, each with its own requirements. Because of that, it’s important to look for a vendor that covers the range of security gaps that exist in cloud security today.
What is Imperva’s cloud strategy?
We simplify the cloudification of the data center into three main trends:
1 – On premise corporate applications are being replaced by Software as a Service (SaaS) offerings. We will address this via our just announced Skyfence acquisition.
2 – External production applications are moving from on premise and hosted data centers to Infrastructure as a Service (IaaS) clouds, a market dominated by Amazon Web Services. So today we announced our new SecureSphere version for Amazon Web Services.
3 – Enterprises aren’t just looking to leverage cloud deployment for their business applications, many want to deploy security this way as well. That is where our soon-to-be-fully owned subsidiary Incapsula comes into play, offering cloud based web application firewall, DDoS protection, content delivery, and load balancing.
Together, these three offerings deliver a comprehensive data center security solution that covers your assets in the cloud.