Story image

Cloud perimeter increasingly difficult to govern, according to CenturyLink

22 Jun 2016

In hybrid IT environments it can be difficult to use the traditional ‘perimeter’ concept to describe the boundary between an organisation’s private network or cloud-based infrastructure, and the public internet.

That’s according to CenturyLink, who says in this digital landscape, organisations need new methods to secure and govern the corporate cloud perimeter. 

“The idea of a perimeter conjures images of an impenetrable barrier that can prevent things from getting in or out,” explains Stuart Mills, regional director, ANZ, CenturyLink.

“In terms of enterprise technology infrastructure, firewalls and other intrusion detection systems have traditionally been used to secure the business perimeter,” he says.

“Things are no longer so simple. The perimeter, if it still exists at all, has moved. In many cases, organisations find that a growing proportion of their IT assets are now located outside of their data centres or internally-managed infrastructure,” Mills says.

“This is due to the rise of cloud, mobility in the enterprise, and online collaboration tools. As a result, it is difficult to govern and protect all IT assets equally.” 

There are five security technology features organisations can implement to help govern their cloud perimeter and protect all of their IT assets no matter where they reside: 

1. Identity management integration 
Standards-based integration with identity management providers can help organisations quickly provision and de-provision access to company resources and data. This type of integration also provides organisations with complete control over password complexity rules, expiration, and multi-factor authentication requirements. 

2. API security 
Many cloud providers provide application programming interfaces (APIs) that let customers integrate management for their cloud service into third-party management platforms or their own applications. APIs provide valuable business capabilities for customers, but they also introduce an additional potential attack surface that needs protection. 

3. Multi-tier user management 
To facilitate the segregation of different cloud environments, organisations should look for cloud providers that have the flexibility to offer an account hierarchy structure that affords complete control over which sub-accounts are allowed to exchange data freely. This delivers easy segregation between business units or locations. 

4. Logging and reporting 
The detailed logging of all actions performed through a cloud interface or via an API is an essential part of managing enterprise IT cloud environments, yet it remains a stumbling block for some companies in their adoption of cloud-based infrastructure. Ideally, companies should ensure they have access to log management and reporting mechanisms. 

5. Patch management 
In most cases, cloud service providers regularly update the templates they use to create new virtual machines, helping them remain up to date with the patches that eliminate potential holes in network security. Once a virtual machine is launched, however, the responsibility to patch the system falls to the user of the service. At this point, the organisation needs to make 

How Red Hat aims to accelerate business value with container technologies
Red Hat announced that leading global companies are creating, extending and deploying integration services across hybrid and multicloud environments using agile integration architectures based on Red Hat technologies.
IT employers having to up salaries and bonuses to attract talent
As the modern economy relies increasingly on data, it’s certainly a good time to be working in IT.
Red Hat expands integration product capabilities
Adds end-to-end API lifecycle support and new capabilities for agile integration across hybrid architectures.
Electric car infrastructure needs to be a high priority
“Australians should be able to drive all over this massive nation with complete confidence in a zero-emission vehicle.”
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
BMC adds IBM Cloud, Watson to Helix solution
BMC Helix with IBM Watson delivers cognitive insights across structured and unstructured federated knowledgebases.
Hyundai works with IBM to create a new blockchain-based platform
The network for commercial financing will supposedly provide participants with a single view of all the transactions happening in the network.
Why businesses should invest in energy automation
In industrial applications digital transformation allows businesses to do more with less.