By 2025, it is estimated that there will be over 64 billion IoT devices around the world, with an increasing number being used around the home by mainstream consumers. Although these devices offer convenience and ease, homeowners need to be responsible for ensuring their security and safe upkeep. In the same way that homeowners add security systems to protect the physical aspects of a property, taking steps to improve the security of IoT devices will keep connected smart systems safe from attack.
About a decade ago, organizations were hesitant to adopt cloud solutions, with many citing security concerns. Fast forward to 2019, and 81% of organizations have a multi-cloud strategy, spurred on by the desire for increased flexibility, usage-based spending and desire to respond to market opportunity with greater agility.
As someone who has worked for their entire career in the Managed Network Services space, if I had to pick out, over the past five years, two of the most impactful shifts in managing technology, it would be a shift from traditional, in-house servers to solutions where 3rd parties build “clouds” to provide similar business functions as well as the increased pressure on organizations to have comprehensive cyber-security strategies as threats become more significant.
Amazon Web Services recently announced new capabilities in the AWS Systems Manager Session Manager. Users are now capable of tunneling SSH (Secure Shell) and SCP (Secure Copy) connections directly from a local client without the need for the AWS management console. For years, users have relied on firewalls and bastion hosts in order to securely access cloud assets, but these options have security and management overhead tradeoffs.
A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward type of multi-cloud network involves multiple infrastructure as a service (IaaS) vendors. For example, you could have some of your cloud network’s servers and physical network provided by Amazon Web Services (AWS), but you’ve integrated that with your servers and physical networking that’s provided by Microsoft Azure.
Enterprises are increasingly adopting a cloud-first approach and migrating their workloads, data and applications to the Cloud. Amazon Web Services continues to lead the Public Cloud industry with more than 30% of the market. As digital transformation progresses and the digital space expands, so does the attack surface that exposes the ongoing proliferation of security risks. In today’s cloud-first world, security remains the primary concern.
The cloud certainly offers its advantages, yet as with any large-scale deployment, the cloud can offer some unforeseen challenges. The concept of the cloud just being “someone else’s data center” has always been a cringe moment for me because this assumes release of security responsibility since ‘someone else will take care of it’.
On AWS, your workloads will be as secure as you make them. The Shared Responsibility Model in which AWS operates ensures the security of the cloud, but what’s in the cloud needs to be secured by the user. This means that as a DevSecOps professional, you need to be proactive about securing your workloads in the Amazon cloud. Achieving the optimal level of security in a multi-cloud environment requires centralized, automated solutions.