February 26, 2015 By Sreekanth Iyer 3 min read

The cloud offers simplified application development and delivery by providing infrastructure, platform and software services that are ready to use immediately. However, the major inhibitor for businesses has been concerns around security. IBM sees this not as a challenge, but rather as an opportunity to enhance your security posture by rethinking your approach to cloud security. Gaining a clear understanding of the various security options and how to apply them in your solution is crucial for successful and secure cloud adoption.

IBM has simplified the typical method for approaching this problem. Whether you’re looking to employ infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) or software-as-a-service (SaaS), use the framework below when designing your solution. Each platform comes with certain built-in security qualities and lets you use add-ons on top of the platform to secure each workload.

Manage Access

This involves managing identities and governing user access to cloud resources. When you are consuming infrastructure from the cloud, you also need to manage the identity involved in privileged activities, such as those performed by cloud administrators, and the tracking activities of the people involved in development and operations. Another important aspect of managing access is safeguarding people, applications and devices connecting to the cloud, especially when it comes to the use of SaaS offerings. All the good stuff related to access management, such as pattern-based protection, multifactor authentication, context-based access control and privileged and federated access, goes here.

Protect Data

This is all about what you can do to identify vulnerabilities in your application and data and which actions you should take to prevent attacks targeting sensitive data. This solution-oriented approach covers things you should do to encrypt data at rest (files, objects, storage) and in motion, as well as how to monitor data activity to verify and audit data outsourced to the cloud. The vulnerability assessment of both your data and application is an important step in this process because it hardens data sources and Web and mobile applications that are in the cloud.

Gain Visibility

Continuously monitoring each activity and event in the cloud is necessary for complete visibility across on-premise and cloud-based environments. You can also build improved security and visibility into virtual infrastructures by collecting and analyzing logs in real time across the various components and services in the cloud. With visibility across virtualized stacks and IaaS, PaaS and SaaS clouds, you can have a clear view into your enterprise cloud and any associated risks. This should prepare you well for managing your audit and compliance processes.

Read the white paper: Safeguarding the cloud with IBM Security solutions

Optimize Cloud Security Operations

Optimizing the processes, methods and tools for running your security operations is key to keeping the overall cost low. You should always keep assessing security practices, plans and designs and mature them in a timely manner to build out world-class security operations centers. Consolidating your view of this using big data, visualization and intelligent threat analysis — with the right expertise — is key to staying ahead of the threats and being ready to respond to any security incidents along the way.

To learn how to address each of these areas with IBM’s capabilities, take a look at my presentation from IBM InterConnect 2015.

More from Cloud Security

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

The compelling need for cloud-native data protection

4 min read - Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.The reason for this high cost is not only the…

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today