FireEye Stories

Gartner: 5 Things You Must Absolutely Get Right for Secure IaaS and PaaS

Every organization is adopting the cloud in one way or another, and for good reason. The cloud offers many benefits, but it also comes with a new set of risks and responsibilities. Organizations are still under fire from many of the same threats targeting their on-premises infrastructure, and many struggle to maintain their existing security while providing the new, additional security for the cloud. Successful organizations will rise to this challenge, and their security teams will be enablers of evolution, not gatekeepers.

Creating a cloud security strategy isn’t so easy considering the technology is relatively new and there aren’t many well-established guidelines. To make matters worse, many traditional on-premises security controls not only don’t apply to cloud deployments, but they may have an adverse effect of creating more risk. Further, the lines of responsibility between cloud providers and organizations are often blurry, especially for those new to cloud.

Ignoring the cloud is not an option. According to Gartner, “By 2021, 50% of enterprises will unknowingly and mistakenly have some IaaS storage services, network segments, applications or APIs directly exposed to the public internet, up from 25% at year-end 2018. Through 2023, at least 99% of cloud security failures will be the customer’s fault.”

The time is now to learn about the cloud and how to effectively use it, as well as protect it. In their report, 5 Things You Must Absolutely Get Right for Secure IaaS and PaaS*, per our understanding, Gartner covers off on many of the fundamentals of cloud security and risk management, including:

  • Proper use of identity and access management permissions
  • Importance of data encryption
  • Application of zero-trust network access to reduce risk exposure
  • Implementation of cloud security posture management tools
  • Ability to capture, log and analyze cloud data

Read the report today to learn more.

*Gartner, 5 Things You Must Absolutely Get Right for Secure IaaS and PaaS, 7 May 2020, Tom Croll