Now is the era of "digital transformation". If your company's digital transformation is not yet on the agenda, it may already be on its way. In fact, "digital transformation" is not a simple process or result. From some perspectives, it is one of the chains in the process of enterprise transformation, and it is also a driving force, pushing us to carry out IT transformation, and the corresponding security transformation .
Security is closely related to the subject, and its sole purpose is to protect the subject's security. In the process of digital transformation, the security team needs to actively work closely with the business team and IT team to build a good partnership, target the needs of the company's digital transformation, establish common goals and formulate security strategies around business productivity, reliability and security , So as to achieve these goals with these partners through security transformation.
With the gradual advancement of digital transformation, our corporate IT environment is also constantly evolving. "Cloud First, Mobile First", we are embracing the era of cloud computing. Our corporate network is becoming larger and larger, and at the same time becoming more and more complex, and the boundaries of the network are becoming more and more blurred.
However, the ultimate security risks and challenges we face, as well as the ultimate security goals we need to achieve, will not change because we use cloud computing, but the specific implementation of this goal has changed. For the security team, we still need to focus on suppressing the security risks and impacts introduced by security attacks, ensuring that all our application systems, services and data meet the "three elements of security"-confidentiality, integrity and availability requirements, and Privacy protection and safety compliance requirements. As with "embracing cloud computing", we also need to "embrace cloud computing security" and take "cloud computing security" as an important part of our corporate modern security strategy.
How does cloud computing change security teams?
"The road is a foot high, and the magic is a foot high." With the continuous evolution of IT technology, the security threats we face are also highly evolved. The security team also needs to have modern security strategies, tactics, security architecture, security technology, and corresponding personnel and processes to adequately respond to highly evolved security threats. Therefore, in the era of cloud computing, security teams also need to fully embrace modern new technologies such as cloud computing, big data, machine learning, and artificial intelligence in order to better respond to various attacks.
But this kind of change is often painful, especially in the early stages of the transformation from traditional enterprise security to embracing cloud computing security. At this time, security teams usually still use traditional corporate security thinking to protect cloud computing services and platforms. At this time, the security team often encounters the following two problems:
- The existing security team members lack the knowledge and skills related to cloud computing security, and thus lack the comprehensive support and protection capabilities related to cloud computing services. They cannot effectively resist and prevent network security risks for the enterprise, thus failing to transform and transform the business of the enterprise. Digital transformation provides strong security and decision support.
- Due to the technological changes in cloud computing services, the security architecture we face is also undergoing changes. Traditional corporate network security tools often lack effective or efficient support for cloud computing services and platforms, as well as effective attack prevention and threat detection for cloud computing platforms and services, and there is a lack of technical capabilities.
However, "learning from history, we can know the rise and fall", since we can't stop the changes brought about by cloud computing, why not take the initiative to embrace the changes in cloud computing security?
In the era of cloud computing, the responsibilities of the security team are mainly one of the following two:
- Protect cloud computing services, platforms and data. When enterprises are undergoing digital transformation and embracing cloud computing, we need to integrate security into the planning, design, deployment, implementation and operation of cloud computing services to ensure that the company’s security policies and standards can be applied to all cloud computing services and platforms. Get effective and efficient implementation.
- Apply modern security technologies and capabilities provided by cloud computing. "Workers must first sharpen their tools if they want to do well." The security threats we face are highly evolved, so the security team also needs to have matching modern security technologies and capabilities to adequately respond to highly evolved security threats. Therefore, in the era of cloud computing, security teams also need to fully embrace cloud computing and the corresponding security technologies and capabilities provided by advanced technologies such as big data, machine learning, and artificial intelligence in order to better respond to various advanced attacks. , And meet the requirements of the previous responsibility.
In the early days of enterprises embracing cloud computing, cloud computing platforms are often regarded as an additional "virtual data center"; at this stage, security teams usually only see the former of the above two responsibilities-" protect cloud computing services, Platform and data ". However, with the continuous expansion and continuous change of enterprise IT adoption of cloud computing services, and the continuous application of modern enterprise security architecture and security technology, the focus of the security team usually shifts to the latter of the above two responsibilities-" Application Cloud Computing The modern security technology and capabilities provided are ". For enterprise security teams, " applies the modern security technology and capabilities provided by cloud computing " usually has the following benefits:
Fully obtain the security "premature power" based on advanced technologies such as cloud computing, big data, machine learning and artificial intelligence, and nearly unlimited computing power and storage capacity;
- Always use the latest security intelligence, analysis and prevention technologies and capabilities;
- Plug and play, what you see is what you get, quickly enable and expand security functions;
- Low manual intervention, highly automated asset identification and continuous security assessment;
- Use on demand, low capital expenditure (CapEx).
How does cloud computing change corporate security?
When it comes to cloud computing-related security, the "shared responsibility model" may appear in everyone's mind for the first time. This is because the core concept of cloud computing services is the "rental model." Based on the different types of cloud computing services you use, you have different security controls and capabilities, and at the same time, your security responsibilities are also different. You and the cloud computing service provider are in a cooperative relationship. In order to achieve effective and efficient security protection, you must cooperate fully and closely with your cloud computing service provider. All security teams must learn and understand this "shared responsibility model" to adapt to the security technology and capability combination of this new world in the cloud computing era, so as to avoid inadvertently causing gaps or overlaps in the security situation of the enterprise, leading to security Risk or waste of resources.
In the minds of many security team members, cloud computing security is just an increment of traditional enterprise security. The core is to protect cloud computing services, not to replace traditional enterprise security. In fact, I think that this thinking is far from enough. Cloud computing security is a technology generational replacement, similar to the migration from mainframes to PCs. The future of our enterprise's security development is sufficient, " should use modern security technology and capabilities provided by cloud computing." We need to fully realize the importance and urgency of this change, and make a fundamental change in expectations and mentality, in order to successfully control this change, thereby reducing internal conflicts in the organization and improving the effectiveness of the security team And efficiency.
The following aspects have a very important influence and position in the security strategy of "Embracing Cloud Computing Security" and must be given priority consideration:
- partnership with common goals . In this era of fast-paced decision-making and constantly evolving processes, security teams can no longer be "self-centered", but must work closely with business teams and IT teams to build good partnerships and target the needs of corporate digital transformation. Establish common goals around business productivity, reliability, and safety, and work with these partners to achieve these goals.
This partnership is the final form of "security shift left", that is, integrating security as early as possible in the business process, thereby making it easier and more effective to resolve security issues. This requires all participants in the organization (business, IT, security, etc.) to carry out corresponding cultural changes and build a good organization and collaboration atmosphere.
As far as the security team is concerned, it must:
(1) understands business goals and IT goals, and why each goal is important, and how they consider achieving these goals during transformation.
(2) shared why safety is important in these business goals and risks, what other teams can do to achieve safety goals, and how they should achieve this.
- Although this is not an easy task, it is essential to sustainably protect the organization and its assets. In the initial stage, this partnership may lead to compromises or even reduction in security, but over time, it will gradually improve steadily.
- safety is an ongoing risk, not a problem . Security is a combination of the possibility of security risks and potential negative effects. It is difficult for you to solve security risks as you solve a problem, and all security risks cannot be solved perfectly by just a certain solution. The management of security risks is an ongoing process. Safety is always an imperfect journey, with no end, and failure if you don't make it.
- Regardless of business productivity or safety success, you need to have both . For business organizations, business productivity and security are both "fish and bear's paws". If a business organization is not productive and promotes digital transformation or innovation, it may lose its competitiveness in the market, leading to its ultimate failure. If the enterprise organization is insecure, it is extremely easy to lose control of the enterprise's assets and cause business failure, which will also lose its competitiveness in the market and eventually lead to failure.
- There is no perfect thing . I think no enterprise organization dare to say that they are using cloud computing perfectly, even if we are Microsoft. The Microsoft IT team and security team, like our customers, deal with many of the same challenges in the process of security transformation, such as finding how to better build projects, balancing support for traditional environments and support for innovation challenges, and even the gap in technical capabilities for cloud computing. As these teams learn how to better operate and protect cloud computing, they are actively sharing the experience and lessons of Microsoft Technet related documents and Microsoft IT Showcase website The engineering team and third-party suppliers provide feedback to continuously improve the product and technology. Therefore, based on our experience, we recommend that the team adhere to the standard of continuous learning and improvement, rather than the standard of perfect realization.
- transformation of 161b9d8cc25e7b is not only risky, but also opportunities . Crisis crisis, when there is a crisis, it is organic, and it is very important to regard digital transformation as an important and positive opportunity for security. Although it is easy to see the potential shortcomings and risks of this change, if you do not actively participate, it is easy to miss the huge opportunity to reshape the security role and positioning and obtain decision-making seats. Security transformation only works closely with corporate business transformation and digital transformation to make everyone's work more enjoyable and better realize the mission of the corporate organization.
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。