Security

Zero Trust? Because you can’t do without it even on the public cloud

Zero Trust?  Because you can't do without it even on the public cloud

In recent years more and more companies have relied on public cloud, leveraging the power of external servers to handle huge workloads. Although this entails a series of concrete advantages, there are also dark sides that should not be underestimated.

According to some recent studies, the 58% of the companies that use these solutions use two to three public cloud services while, in 31% of cases, they confirm that by the end of the year the 75% of your workloads will run in this environment. All this, as expected, can only attract the attention of cybercriminals.

As expected, attacks on the public cloud are therefore on the increase. In the last year, infections malware in this context they increased by 15%demonstrating how this could constitute a future “land of conquest” for cyber criminals.

But how can you avoid any malware infections in this context? For experts, it is important to protect all connections between the cloud and the local network. This entails in-depth knowledge of internal and external risks, which can lead to information leaks or the compromise of company systems.

Public cloud and Zero Trust: how to avoid potential disasters

Solutions such as firewalls or other more classically conceived tools are not sufficient: in the context of the public cloud, philosophy must be applied Zero Trust. This involves starting from the assumption of always having to check any external interaction, starting from the assumption that it can be a danger.

In this sense, a first and decisive step is to eliminate lateral movements, acting by providing to individual employees access with least privileges. In this sense, even in the event of compromise, the damage is very limited.

To protect workloads, it is important to prevent the dreaded ones exploit zero-dayas far as possible, intervening promptly with any corrective patches proposals.

Another important step is to automate security deployments through programmable interfaces using infrastructure templates as code (IaC). All combined with a load balancer gateway AWS.

Source: cio.com

Leave a Reply

Your email address will not be published. Required fields are marked *