concerns, the cloud is secure.
“Cloud services were developed with
foundational infrastructure security in mind,” said Abramowitz. “One of the challenges is making sure this foundational security is augmented in a way that aligns with the unique security requirements for your organization’s data,” he said.
Trend Micro’s cloud security solutions were developed in the cloud natively, “not ported from the traditional desktop endpoint software,” said Abramowitz. The company’s back end of threat intelligence through the Zero Day Initiative (ZDI) vendor agnostic bug bounty program can protect agencies “way ahead” of public disclosure of vulnerabilities, he said.
Automation lets agencies do more with less.
Budgets are tight, IT teams are lean and
real estate is expensive. Moving to cloud lets them offload responsibilities to the host and automate functions like configuring workloads.
“It’s a hosted service so you’re no longer going to be responsible for a huge room of systems and cooling them and maintaining them and keeping them powered – all the things that are required when you’re in charge of the basic infrastructure,” said Abramowitz. “So there’s a definite cost savings advantage there as well.”
Because there’s so much integration with the cloud environment in terms of scripting and automation, it makes administrative tasks a lot easier, according to Abramowitz. “You can do things like configuring policies, protecting workloads, figuring out what vulnerabilities you have and putting in filters for them, and just basically do
a whole number of routine maintenance tasks that the admins would normally do manually and use our API and our SDK to automate those things,” he said.
The good news, Abramowitz explained, is that the security mechanisms stay exactly the same for on-prem and for cloud. “It’s really simply a matter of deactivating the agent to one console and activating it to another,” he said. “Everything else stays the same – the policies are the same, the management is the same.”
Don’t Forget, the Cloud is a Shared Responsibility
While the benefits of the cloud far outweigh concerns, there are some myths that merit careful consideration; chiefly, that a cloud provider locks down security across the whole of the cloud environment.
Abramowitz said agencies shouldn’t believe the myth that the cloud provider locks down security across the whole of the cloud environment. “Organizations sometimes are under misconceptions about what the cloud infrastructure providers are responsible for, and what the organization itself is responsible for,” Abramowitz said.
AWS, for example, ensures that the hardware in use is functioning, adequately powered, is in a room that is adequately
the operating systems and the runtime,” he explained. For agencies that opt for Software as a Service (SaaS), the cloud provider manages everything except for data and access.
Trend Micro fits into the equation by ensuring that the VMs, operating systems, runtimes, applications and data are
secure and protected. “Ultimately, we see customer migration to a SaaS environment which minimizes their responsibility for infrastructure allowing a focus on developing policies to protect their data according to their unique requirements,” he said.
Of course, agencies are at different points of their journey to the cloud with many favoring a hybrid on-prem/cloud model. Abramowitz says it’s important to protect
“Our approach is to protect you with one agent, one console, and consistent features and functionality throughout, no matter what part of the loud journey you are on.”
David Abramowitz, Chief Technologist, Trend Micro Federal
cooled and has redundancies in place
as appropriate. So, in essence, “all the infrastructure set up for you,” he explained. “But they’re not responsible for securing the workloads moved into and running in AWS, nor are they responsible for securing the applications on the instances that are communicating with the outside world,” he said.
The shared responsibility model also depends on what kind of environment an agency invests in – an important point since agencies are not all on the same page when it becomes to cloud migration and IT modernization. “For instance, if you want Infrastructure as a Service, then the cloud provider is going to provide storage, networking compute resources. You’re responsible for managing the VMs, the operating systems, the runtime, the applications, the data and the access,” said Abramowitz.
“Now if you bump that up a level and
say you want your cloud provider to be a Platform as a Service (PaaS), then the cloud provider is going to add to that the additional management responsibility for the VMs,
them regardless of where they are in their cloud journey. “Our approach is to protect you with one agent, one console, and consistent features and functionality throughout, no matter what part of the cloud journey you’re on” he said.
In partnership with AWS, Trend Micro provides complementary security services that can accelerate migration to the cloud, protect critical legacy systems and applications, and stem the drain of agency resources without compromising productivity or uptime. It’s time to put cloud security myths to bed and get on with what promises to be a smooth migration.
Consider that agencies that already had more fully embraced cloud found their transition to a work from home or hybrid work model last year to be relative painless. Those with more mature cloud strategies proved more nimble than their lagging counterparts –who have had to drag their
IT operations into 2021. For the rest, it’s time to put security myths to bed and get
on with what promises to be a smooth migration to the cloud...and much-needed IT modernization.
https://www.trendmicro.com/AWSFederal