Cloud Security is a shared responsibility, and big CSPs are also not foolproof


With Cloud Security, there is a myth prevailing among users that only the top brands offer many security resources, making them infallible. But according to John McDonough, the Consulting Cloud Architect from Fortinet, such an assumption is a myth as even the top brands such as Microsoft can fall prey to sophisticated attacks launched these days.

Users need to change their viewpoint when it comes to foreseeing cloud security. As they need to take the responsibility in a shared manner. Meaning, the provider must take care of network security and securing the platform on an overall note. And users need to securitise their data, as it is a lifeblood to them and can make or break their business, if anything untoward strikes.

As companies are using different computing and storage resources in a heterogenous architecture, lack of visibility enables them commit blunders that the threat actors use to their benefit.

This is where they need to focus on services that offer security and are on par with the one seen in on-premise environments. Controlling access for myriad users does the trick, but enabling zero-trust policies associated with permission levels makes sense.

Enabling rule and role-based access controls might add the next level to the security. Deploying firewalls enriched with botnet protection, SD-WAN support, data loss prevention, intrusion detection and mitigate, and virtual fixing of vulnerabilities will help CSPs in offering top level security.

Nowadays, CSPs are clearly mentioned in their agreements that their responsibility ends at the stage where protection of applications and data starts for organizations. Or else they will provide support at the juncture, but for a premium cost.


Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display