As cloud computing technologies have quickly become mainstream, thanks to the multitude of benefits that have transformed how we store, manage, and access data, enterprises are rapidly changing how they interact with data and applications. However, one of the most overlooked and misunderstood activities that must be performed to successfully leverage cloud computing technologies is the creation of a cloud computing security architecture. The strategy should be designed to help an enterprise both secure and showcase data assets and applications that will be resident in the cloud through the lens of shared responsibility with cloud service providers (CSPs).
The main objective of instituting a comprehensive cloud security architecture is to identify and help eliminate security vulnerabilities that may arise from a predominantly product-driven approach to security.
Understanding the difference between cloud security controls and cloud security architecture is crucial when preparing to move to the cloud. A properly developed cloud security architecture is driven by threats facing an enterprise, whereas cloud security controls are tactical measures designed to reduce information security risks.
Focusing first on threat detection can reveal the complex interdependencies between users, cloud infrastructures, vendors and applications. As a key component of cloud security, the enumeration of threats as part of your cloud security strategy will also play a major role in limiting security control redundancies, thereby reducing capital and operational costs.
7 Key Elements of an Effective Cloud Computing Security Architecture
Whether you are migrating existing applications to the cloud or building them in Amazon Web Services (AWS), Microsoft Azure (Azure), or Google Cloud Platform (GCP), it is important to recognize that there are security aspects that are shared between you and the cloud provider. Designing a robust cloud infrastructure requires the cloud security architect to consciously consider factors such as the attack surface presented by web-enabled interfaces, the criticality of information assets, and the various attack vectors that may be leveraged by a malicious actor.
The primary goal of a cloud security architecture is to seamlessly integrate these functional security elements with the overall architectural plan. Here are seven key elements to consider when embarking on any cloud journey.
- Build Security at Every Layer
There are several individual security technologies that need to be selected, deployed, configured, maintained, and monitored for a secure cloud infrastructure. The best way to approach this task is to understand the scope of the effort in the context of the cloud security stack. It may be simplest to think of this in terms of layers: orchestration layer, hypervisor layer, application layer, guest system layer, network layer, and physical layer. The protection of any cloud infrastructure requires multiple technologies and processes that will be dictated by deployment models, the sensitivity of data being stored, and regulatory requirements. By adopting a defense-in-depth strategy and applying practices like automatic operating system updates, secure coding, and activity monitoring, organizations can reduce exposure to outside threats.
- Redundant and Resilient Design
One of the key cloud security architectural components every deployment should have is a disaster recovery plan. This plan acts as a safety net should your cloud infrastructure fail, or a cyber event occur, such as a ransomware attack. It should include detailed procedures for restoring backup data and ensuring business continuity. Some believe that resilience is centered around application design, but the reality is that the infrastructure layer, network, and data must also be considered a part of the equation.
- Centralized Management of Components
This is the practice of funneling the vast amount of security-related data and telemetry from the tools deployed in the cloud infrastructure through centralized processes and personnel. This effort ensures a comprehensive view of the cloud security status, which is especially important in multi-cloud scenarios where cloud service brokers are often used to centralize and integrate all cloud management into one place. For less complex cloud environments, a single product or platform that can integrate into all provider environments to enable control of security policy and access management without dependency on the underlying cloud infrastructure may be used.
- Elasticity and Scalability
Before building out your cloud security architecture, it is critical that you understand the thresholds that need to be established so you can design to the correct horizontal or vertical scale. Horizontal scaling refers to the provisioning of additional servers to meet the needs of the business, often splitting workloads between servers to limit the number of requests any individual server gets at any one time. Vertical scaling is essentially resizing a server with no change to code. It is possible to increase the capacity of existing hardware or software by simply adding resources.
- Alerting and Notifications
There are many different types of storage available in the cloud and it’s essential to understand each type and select the ones that are best suited for your deployment. Each storage option will likely have its own unique security options. When selecting a storage type and design, consider your organization’s data classification and data security policies carefully.
- Appropriate Storage for Deployments
There are many different types of storage available in the cloud and it’s essential to understand each type and select the ones that are best suited for your deployment. Each storage option will likely have its own unique security options. The type you choose should take into consideration your organization’s data classification and data security policy before settling on a particular storage security design.
- Centralization, Standardization, and Automation (CSA)
One of the final elements to emphasize in cloud security design and architecture is centralization, standardization, and automation (CSA). Centralization refers to the integration of tools and services into a single dashboard to provide visibility. In many cloud deployments, numerous management tools, dashboards, and interfaces begin to accumulate over time, making this more and more challenging.
If automation is the principal idea behind DevOps, it is reasonable to say that DevSecOps is also driven by the concept. Manually running cloud security tools is not a sustainable solution, and automation and orchestration can go a long way towards reducing this burden.
Cloud Security Architecture and the Shared Responsibility Model
One essential element to understand in cloud deployments is the division of responsibilities between user and service provider. A shared responsibility model will be instrumental in defining security ownership by expressly dictating the assets, processes, and functions each party owns.
Infrastructure/Platform-as-a-Service Shared Responsibility
It is important to appreciate the nuances in coverage across CSPs. If you choose to use AWS, for example, AWS claims responsibility for “Security of the Cloud,” which includes protecting the infrastructure that runs all the services offered in AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.
By comparison, Microsoft Azure claims responsibility for physical hosts, physical network, and physical datacenter. Regardless of CSP, there will be variations in responsibilities depending on service type (e.g., IaaS, PaaS), which include security controls around application/platform software, operating system, and local networking and virtual machine/server instances. Keeping track of who is going to handle each security task is extremely difficult given the fact that many companies subscribe to a multi-cloud or hybrid cloud environment.
Uncertainty Around Shared Responsibility Models
- It is important to highlight that security roles are different based on whether the company is setting up an IaaS or PaaS environment. In an IaaS (server-based) deployment, the company is most likely going to assume full responsibility for Identity and Directory infrastructure, applications, network controls and operating system.
- If a PaaS (serverless) deployment is the solution of choice, the company is responsible for securely configuring the control plane. While the provider often provides support for the physical implementation of the company’s identity and directory infrastructure, applications, and network controls, the company is still responsible for configuring access management through the control plane.
This may appear to indicate that a great many security tasks still lie with the company, but cloud providers retain full control over the virtualization layer as well as the physical hosts, network, and datacenter.
Types of Security Architecture Design in Cloud Computing
Designing the appropriate security controls that protect the confidentiality, integrity, and availability of information in the cloud can play a major part in managing cloud security threats. These security controls can be provided by the cloud provider, the enterprise, or even by third party service providers. There are essentially two levels of design patterns used in cloud security architecture — high-level and custom.
High-level design patterns focus primarily on activities that establish the necessary security controls, which describe the interaction between the functional elements of the enterprise security architecture. Also essential to a successful cloud security ecosystem are trust boundaries, the logical perimeter that extends beyond the physical boundary to denote how trustworthy cloud IT resources are within an existing cloud environment. Standard interface points, encryption models, and security event logging are further components that make up standard design patterns. Enterprises that opt to develop their own cloud applications can use custom cloud design patterns to create a secure application access framework.
- Federated Identity Pattern
Can be used to outsource the task of authentication to a third-party identity provider.
- Gatekeeper Pattern
Protects applications and services using a single host instance, which acts as a middleman between the customer and the application/service. It authenticates and sanitizes requests and relays data back and forth.
- Valet Key Pattern
Uses a token that provides customers with limited direct access to a specific resource to be able to offload data transfer from an application. This is suitable for applications that leverage cloud-hosted storage systems and can help achieve maximum scalability and performance.
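To make the Valet Key pattern concrete, the following added example (not code from the original article) issues and checks a token that is limited to one resource, one operation and a short lifetime. The function names, claim names and signing key are assumptions made for illustration; cloud storage services provide their own equivalents, such as pre-signed URLs and shared access signatures.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key; in practice it lives in a secrets manager and is rotated.
SIGNING_KEY = b"demo-only-signing-key"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_valet_key(resource: str, operation: str, ttl_seconds: int, now=None) -> str:
    """Application side: grant one operation on one resource for a short time."""
    now = time.time() if now is None else now
    claims = {"res": resource, "op": operation, "exp": int(now) + ttl_seconds}
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    sig = hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(sig)


def check_valet_key(token: str, resource: str, operation: str, now=None) -> str:
    """Storage side: return "ok" or the reason the request is refused."""
    now = time.time() if now is None else now
    try:
        payload_b64, sig_b64 = token.split(".")
        payload, sig = _unb64(payload_b64), _unb64(sig_b64)
    except (ValueError, TypeError):
        return "malformed"
    expected = hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return "bad-signature"
    claims = json.loads(payload)  # parsed only after the signature verified
    if now >= claims["exp"]:
        return "expired"
    if claims["res"] != resource or claims["op"] != operation:
        return "out-of-scope"
    return "ok"
```

The storage side never consults the application at request time, which is what offloads the data transfer; the short expiry and narrow scope bound the damage if a token leaks.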
If the enterprise takes the time to agree with the cloud provider about security controls, it will be possible for the enterprise to incorporate security into the system architecture without requiring bolt-on security measures. If security guidelines and architectural patterns are created during the design phase, appropriate security controls will not be overlooked. Ultimately, the enterprise cloud security architecture should support the need to protect the confidentiality, integrity, and availability of all data processed or stored in the cloud.
Cloud Security Architecture Best Practices: Planning and Putting Your Strategy in Place
Cloud security architecture is a strategy to secure and view an enterprise’s data and applications in the cloud by sharing security tasks with cloud providers. Any organization seeking to stay competitive needs to bake cloud innovation into its DNA. A cloud security architecture should reduce or eliminate gaps in security that product-driven solutions are likely to leave behind. Also, cloud security reference architectures and design patterns can be reused in future environment builds. This reuse enables enterprises to leverage established security expertise to speed up development and improve security.
Once you’ve got the basics, here are four actions you can take to make sure you’re following cloud security strategy best practices.
Conduct Due Diligence
As enterprises consider the growing number of cloud service options available today, security challenges will certainly arise as they move to cloud and consume cloud services. Regulatory pressures will push enterprises to carefully assess how each cloud service provider’s security, privacy and trust protections address the core issue of resilience.
Many cloud security architects are turning to checklists created by Microsoft and AWS that are aligned to international standards to help guide discussions about moving to the cloud. These checklists are designed to highlight issues that need to be considered when migrating to the cloud. When using a checklist to conduct due diligence reviews, enterprises need to define the enterprise cloud requirements for applicable checklist elements, define the project specific requirements, and assess project options accordingly.
Determining Data Sensitivity
Developing an effective strategy for securing sensitive data requires a clear understanding of the high-level data security trends and the alignment of these trends to the providers’ cloud security controls. Enterprises can carry these security controls down to implementation-level details specific to data stores, for example Amazon Database Service (Amazon RDS), Amazon DynamoDB, SQL Database, and Azure DocumentDB.
Bring Employee Cloud Usage Out of Shadows
Unfortunately, many companies simply migrate data to the cloud without consulting their IT or security departments. While there is no arguing that cloud computing can often prove to be exceptionally convenient and valuable to the business, the unmanaged adoption of cloud services can leave sensitive or proprietary data exposed. When employees utilize their preferred cloud-enabled tools and applications instead of ones authorized by the enterprise, they will often use personal credentials to access these services, thereby putting proprietary company data at risk. The security and compliance implications alone can be a strong argument for reining in these unsanctioned practices.
Endpoint Security Solutions and the Cloud
The flexibility, elasticity, and cost savings of cloud computing are driving enterprises away from traditional computing models and toward cloud-enabled ones. Proper cloud adoption requires evaluation of business needs to ensure protection, visibility, speed, and scalability. Endpoint solutions that operate seamlessly in the cloud have evolved from antivirus solutions into fully integrated suites for the protection of information assets in any cloud environment, with advanced capabilities such as Endpoint Detection and Response (EDR) and User and Entity Behavior Analytics (UEBA).
The Benefits of Perfecting Your Cloud Security Solution
As with the adoption of any new technology, there are challenges to overcome with cloud migrations. There is a lot to consider when building your cloud security architecture, but the benefits to your overall security strategy are worth the effort. Once the basics are in place, your business can experience all the benefits of the cloud while keeping resilience front-of-mind. At Kroll, we have extensive experience in navigating these complexities. We partner with you to understand your current cloud security posture and design solutions that will help you grow your business profitably and securely.