Cloud Security Monitoring
A cloud services provider is responsible for ensuring its own infrastructure and applications are secure, but that doesn’t mean cloud resources are automatically protected against cyberthreats. Insider threats, hijacked accounts, distributed denial-of-service (DDoS) attacks and advanced malware still pose viable risks to cloud-based assets, and can disrupt business operations and harm important data.
Leading cloud providers such as Amazon Web Services (AWS) have developed resources to help businesses monitor data traffic and cloud-network activity. However, the onus is still on the customer to manage those resources. Furthermore, cloud vendors aren’t required to provide integration with other cloud services, or with on-premises IT assets. This makes it very challenging to develop a security information and event management (SIEM) resource.
A SIEM is crucial for centralization of all log data. Even outsourced security resources such as SaaS-based antivirus, firewall, endpoint detection and response, as well as application controls must be able to share data with a central management console. Likewise, data that lives with an IaaS provider, such as AWS, must consolidate in a single point of reference where it can undergo continuous threat monitoring.
In short, all network traffic must be brought together in one place so it can be monitored and, if necessary, subjugated to incident response. For enterprises with limited budgets and security expertise, however, that’s much easier said than done.
Nuage provides our clients with multiple implementation options and best practice security architecture. We rely on the "best of breed" providers from the market place and position our services to ensure a reasonable cost solution with optimal integration capability in our client's environment.