
How VMware Handles Cloud Security: Part Two of Two

by: VMware Director of Security Architecture Bharath H C, VMware IT Director Sarita Kar and VMware Director, Information Security Strategy Craig Savage

Many businesses are unaware of the vulnerabilities that exist in their cloud infrastructure and, in many cases, do not have the needed staff to address these vulnerabilities. As a result, security remains one of the biggest challenges for organizations. 

In the first part of this blog, we talked about why organizations succumb to cyberattacks and about Zero Trust, the go-to security model. We also discussed how VMware proactively monitors cloud applications. In this second part, we dive into the other aspects of security: best practices for security controls, identity and access management, detection, infrastructure protection, data protection and incident response.

Best practices for security and governance in the cloud

To operate our workloads securely, we apply best practices in every area of security: we follow the requirements and processes we have defined, and we apply operational excellence at both the organizational and the workload level. Staying up to date with industry recommendations and threat intelligence helps us evolve our threat model and control objectives.

Automating security processes, testing and validation also allows us to scale our security operations.

Identity and access management 

How we manage authentication and permission for people and machines:

  • Use strong sign-in mechanisms, such as multifactor authentication (MFA) 
  • Store and use secrets securely 
  • Rely on a centralized identity provider 
  • Audit and rotate credentials periodically 
  • Grant least privilege access. 

Detection 

How we detect and investigate security events:

  • Configure service and application logging 
  • Analyze logs, findings, and metrics centrally 
  • Automate response to events 
  • Implement actionable security events. 
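The four detection items above state the goal but not the mechanics. The following is an added example written for this article, not VMware IT code: it parses constructed sign-in records, evaluates them in one place, and emits findings that carry a severity and a recommended action, which is what makes an event actionable rather than merely logged. The key=value line format, the field names, the threshold and the suggested actions are all assumptions made for the example.

```go
package main

import (
	"fmt"
	"strings"
)

// AuthEvent is one parsed sign-in record. The field names and the key=value
// line format are assumptions for this example, not a real product schema.
type AuthEvent struct {
	User   string
	SrcIP  string
	Result string // "success" or "failure"
	MFA    bool
}

// Finding is an actionable security event: what happened, how urgent it is,
// and what a responder or an automated playbook should do about it.
type Finding struct {
	Severity string
	Title    string
	Action   string
}

// parseLine parses a constructed line such as
// "user=alice src=203.0.113.7 result=success mfa=false".
// It reports false unless every required field is present.
func parseLine(line string) (AuthEvent, bool) {
	fields := map[string]string{}
	for _, kv := range strings.Fields(line) {
		if k, v, ok := strings.Cut(kv, "="); ok {
			fields[k] = v
		}
	}
	ev := AuthEvent{User: fields["user"], SrcIP: fields["src"], Result: fields["result"], MFA: fields["mfa"] == "true"}
	_, hasMFA := fields["mfa"]
	return ev, ev.User != "" && ev.SrcIP != "" && ev.Result != "" && hasMFA
}

// Analyze evaluates a batch of sign-in lines centrally and returns findings for
// two conditions: a successful sign-in without MFA, and a source IP with at
// least failureThreshold failed attempts (a brute-force indicator).
func Analyze(lines []string, failureThreshold int) []Finding {
	var findings []Finding
	failures := map[string]int{}
	var order []string // first-seen order keeps the output deterministic
	for _, line := range lines {
		ev, ok := parseLine(line)
		if !ok {
			continue // malformed lines are skipped rather than trusted
		}
		if ev.Result == "success" && !ev.MFA {
			findings = append(findings, Finding{
				Severity: "high",
				Title:    fmt.Sprintf("sign-in without MFA: user=%s src=%s", ev.User, ev.SrcIP),
				Action:   "revoke the session; require MFA enrolment before the next sign-in",
			})
		}
		if ev.Result == "failure" {
			if failures[ev.SrcIP] == 0 {
				order = append(order, ev.SrcIP)
			}
			failures[ev.SrcIP]++
		}
	}
	for _, ip := range order {
		if n := failures[ip]; n >= failureThreshold {
			findings = append(findings, Finding{
				Severity: "medium",
				Title:    fmt.Sprintf("%d failed sign-ins from %s", n, ip),
				Action:   "block the source at the edge; review the targeted accounts",
			})
		}
	}
	return findings
}

// SampleLines returns constructed sign-in records used to exercise Analyze.
func SampleLines() []string {
	return []string{
		"user=alice src=203.0.113.7 result=success mfa=true",
		"user=bob src=203.0.113.9 result=success mfa=false",
		"user=carol src=198.51.100.4 result=failure mfa=false",
		"user=carol src=198.51.100.4 result=failure mfa=false",
		"user=dave src=198.51.100.4 result=failure mfa=false",
		"this line is not a sign-in record",
	}
}

func main() {
	for _, f := range Analyze(SampleLines(), 3) {
		fmt.Printf("[%s] %s -> %s\n", f.Severity, f.Title, f.Action)
	}
}
```

Run as is, the sample produces one high finding (bob signed in without MFA) and one medium finding (three failures from 198.51.100.4); raising the threshold to 4 drops the second. The point to carry over to a real pipeline is the shape of the output: each finding names the subject, the evidence and the next step, so an automated response can act on it without a human re-deriving the context.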

Infrastructure protection 

How we protect network resources: 

  • Micro-segmentation 
  • Inspection and protection: inspect and filter traffic at each layer.

How we protect compute resources: 

  • Perform vulnerability management
  • Reduce our attack surface by hardening operating systems, minimizing components, libraries and externally consumable services in use 
  • Validate software integrity: implement code signing so that only software whose signature verifies against a trusted key is deployed.
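What "validate software integrity" looks like at the deployment gate, as an added example for this article rather than code from VMware: the build side hashes the artifact and signs the digest, and the deploy side recomputes the digest of what it actually received and checks the signature against a pinned public key. The release format and the choice of Ed25519 are assumptions; in production the private key would sit in an HSM or KMS and the public key would be distributed with the deployment tooling, not fetched alongside the artifact.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Release is what a build pipeline publishes alongside an artifact: the
// artifact's SHA-256 digest and an Ed25519 signature over that digest.
// The format and the choice of Ed25519 are assumptions for this example.
type Release struct {
	Digest    []byte
	Signature []byte
}

// Sign is the build-side step: hash the artifact and sign the digest with the
// release signing key (held in an HSM or KMS in production, not on disk).
func Sign(priv ed25519.PrivateKey, artifact []byte) Release {
	sum := sha256.Sum256(artifact)
	return Release{Digest: sum[:], Signature: ed25519.Sign(priv, sum[:])}
}

// Verify is the deploy-side gate: recompute the digest of what was actually
// received, compare it with the signed digest, and check the signature against
// the pinned public key. Either mismatch must block the deployment.
func Verify(pub ed25519.PublicKey, artifact []byte, rel Release) error {
	sum := sha256.Sum256(artifact)
	if !bytes.Equal(sum[:], rel.Digest) {
		return errors.New("digest mismatch: artifact differs from what was signed")
	}
	if !ed25519.Verify(pub, rel.Digest, rel.Signature) {
		return errors.New("bad signature: not signed by the trusted release key")
	}
	return nil
}

// Demo runs the gate against a constructed artifact and returns the outcome
// for the genuine artifact, a tampered copy, and a key that is not trusted.
func Demo() (genuine, tampered, untrusted error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	otherPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	artifact := []byte("#!/bin/sh\necho deploying build 1.2.3\n") // constructed
	rel := Sign(priv, artifact)

	genuine = Verify(pub, artifact, rel)
	evil := append(append([]byte{}, artifact...), []byte("echo backdoor\n")...)
	tampered = Verify(pub, evil, rel)
	untrusted = Verify(otherPub, artifact, rel) // valid signature, but not by the key we pin
	return genuine, tampered, untrusted
}

func main() {
	genuine, tampered, untrusted := Demo()
	fmt.Println("genuine artifact:", genuine)
	fmt.Println("tampered artifact:", tampered)
	fmt.Println("untrusted key:", untrusted)
}
```

The two failure paths are deliberately distinct: a tampered artifact fails on the digest before any signature work, while an artifact signed by a key the deployer does not pin fails on the signature even though the digest matches. Both must stop the rollout; a gate that only checks the hash against a manifest downloaded from the same place as the artifact proves nothing.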

Data protection 

How we classify data: 

  • Identify the data within our workload, including the type and classification of data 
  • Define data protection controls 
  • Automate identification and classification 
  • Define data lifecycle management 

How we protect your data at rest: 

  • Implement secure key management 
  • Enforce encryption at rest 
  • Enforce access control 
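One common way to realize the three data-at-rest items together is envelope encryption, shown here as an added example for this article rather than VMware's implementation: each object is encrypted under its own data-encryption key (DEK), the DEK is wrapped by a key-encryption key (KEK) that never leaves the key service, and the object's identity is bound into the authenticated data so a ciphertext stored for one object cannot be decrypted as another. The in-process KeyService stands in for a KMS or HSM and is an assumption; real access control is enforced by that service's policy on who may unwrap which DEK, which this example only models.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"io"
)

// randomBytes returns n cryptographically random bytes; lack of entropy is fatal.
func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := io.ReadFull(rand.Reader, b); err != nil {
		panic(err)
	}
	return b
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts plaintext with AES-256-GCM under key and prepends a fresh random
// nonce. aad is authenticated but not encrypted; binding the object's identity
// into it means a ciphertext cannot be replayed as a different object.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// unseal reverses seal and fails on any change to nonce, ciphertext, tag or aad.
func unseal(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// KeyService stands in for a KMS or HSM: it holds the key-encryption key (KEK)
// and only wraps and unwraps per-object data-encryption keys (DEKs); bulk data
// never reaches it. An in-process stand-in is an assumption of this example.
type KeyService struct{ kek []byte }

func NewKeyService() *KeyService { return &KeyService{kek: randomBytes(32)} }

func (k *KeyService) WrapDEK(dek []byte, objectID string) ([]byte, error) {
	return seal(k.kek, dek, []byte(objectID))
}

func (k *KeyService) UnwrapDEK(wrapped []byte, objectID string) ([]byte, error) {
	return unseal(k.kek, wrapped, []byte(objectID))
}

// Envelope is the stored record: data encrypted under a per-object DEK plus that
// DEK wrapped by the KEK. Rotating the KEK then means re-wrapping DEKs, not
// re-encrypting every object.
type Envelope struct {
	WrappedDEK []byte
	Ciphertext []byte
}

// Encrypt generates a fresh DEK for objectID, encrypts the data under it, and
// stores only the wrapped DEK next to the ciphertext.
func Encrypt(ks *KeyService, objectID string, plaintext []byte) (Envelope, error) {
	dek := randomBytes(32)
	ct, err := seal(dek, plaintext, []byte(objectID))
	if err != nil {
		return Envelope{}, err
	}
	wrapped, err := ks.WrapDEK(dek, objectID)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{WrappedDEK: wrapped, Ciphertext: ct}, nil
}

// Decrypt asks the key service to unwrap the DEK for objectID, then opens the
// data; a different objectID, a different KEK or a modified byte all fail.
func Decrypt(ks *KeyService, objectID string, env Envelope) ([]byte, error) {
	dek, err := ks.UnwrapDEK(env.WrappedDEK, objectID)
	if err != nil {
		return nil, err
	}
	return unseal(dek, env.Ciphertext, []byte(objectID))
}
```

Usage is `env, _ := Encrypt(ks, "customers/42.json", data)` followed by `Decrypt(ks, "customers/42.json", env)`; calling Decrypt with another object ID, with a second KeyService, or after flipping any ciphertext byte returns an error instead of plaintext. The nonce is generated per call and never reused with the same key, which is the condition AES-GCM's security rests on.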

How we protect your data in transit: 

  • Implement secure key and certificate management 
  • Enforce encryption in transit 
  • Automate detection of unintended data access 
  • Authenticate network communications: verify the identity of the remote party using protocols that support authentication, such as Transport Layer Security (TLS) or IP security (IPsec).

Incident response 

How we anticipate, respond to, and recover from incidents:

  • Develop incident management plans  
  • Prepare forensic capabilities 
  • Automate containment capability. 

Advice for cloud security

Moving to cloud security requires a pragmatic plan and a focused set of goals. At VMware, we started with five pillars of cyber hygiene: encryption, identity, micro-segmentation, next-gen authentication, and stewardship.

Evolution of security for multi-cloud applications

The future of security is being shaped by the need to secure enterprise networks, data, devices and identities. This includes adopting security frameworks like Zero Trust, which can help companies secure internal information systems and data in the cloud. With the sheer volume of new threats, today’s security landscape is more complex than ever. Security needs also continue to evolve as new technologies, apps, and devices are developed faster than ever before. 

Security should be tightly coupled to all pillars and elements like devices, users, data, applications and transport. 

One of the most significant benefits cloud computing provides to security is automation. The need for security automation is rising; manual processes and limited information-sharing capabilities slow the evolution of secure implementations across organizations.  

The future is bright for the security industry, as companies continue to develop new technologies to guard against the ever-evolving threat landscape. Government rules, regulations and security procedures also continue to evolve to keep up with emerging technologies and the growing number of threats across the private and public sectors. As the landscape becomes more complex and technology footprints expand, it is imperative that companies become more aware of the security challenges and proactively address them.

For more information, listen to the sixth episode of our Digital Transformation series, read Part One of this series, Let's Talk About Cloud Security, and read our app modernization, Zero Trust and security blogs.

The topic continues to evolve, so contact your account team to schedule a briefing with a VMware IT expert to hear the latest. For more about how VMware IT addresses queries related to modern apps, check out more blogs on the topic. For other questions, contact [email protected].

We look forward to hearing from you.

VMware on VMware blogs are written by IT subject matter experts sharing stories about our digital transformation using VMware products and services in a global production environment. To learn more about how VMware IT uses VMware products and technology to solve critical challenges, visit our microsite, read our blogs and IT Performance Annual Report and follow us on SoundCloud, Twitter and YouTube. All VMware trademarks and registered marks (including logos and icons) referenced in the document remain the property of VMware.