We know that the Ambient Cloud is a set of network connected devices that IT departments must manage. But, who is responsible for securing the Ambient Cloud?
If you are looking for help from your cloud provider, you might be disappointed. The fact is that you, the enterprise, are responsible for securing your cloud because you are responsible for what happens when cybercriminals breach your security. The good news is that now it’s safe to outsource specific security tasks to your cloud provider, as long as the roles and responsibilities are well defined in contract.
So how should you protect yourself? Listed below are some of the best practices for security:
1. You should secure your cloud servers as you secure your internal servers. This includes; IDS/IPS, DLP tools, bi-directional firewall and encryption.
2. Secure your ambient cloud devices just as you secure your corporate-owned mobile devices. This includes encryption, firewall, DLP and antivirus. Encryption of data at rest and in transit becomes extremely important because of the lack of visibility into network traffic and your provider’s admin access logs.
3. In your own network, all router/switch configuration and logs are free, and you can sniff any network traffic you want. But in the cloud, none of that is available. Find out how much network monitoring and access your provider will allow.
4. Many cloud providers also offer a worrying lack of role-based access controls at an admin level.