This article was coauthored by Dan Maunz and Ryan Morrow, both Security Program Managers in the Security & Trust Organization at Cisco.

The purpose of this document is to provide the reader with a high-level overview of cloud delivery models, introduce the different deployment scenarios in which cloud services can be operated, and highlight the risks to an organization when deploying and operating a cloud environment. The final section of this document contains references to publicly available material on general security guidance for cloud environments, links to vendor-specific security guidance, and Cisco resources that can be leveraged to secure cloud environments.

Primary cloud delivery models include: 

  • Software as a Service (SaaS) – SaaS vendors deliver software applications over the internet.
  • Infrastructure as a Service (IaaS) – IaaS vendors deliver IT infrastructure services such as servers, data centers, storage, and networking over the internet.
  • Platform as a Service (PaaS) – PaaS vendors deliver the platform and tools to develop software applications.

Cloud deployment models include:

  • Public – Available to the public; data is created and/or stored on the infrastructure of the service provider, who administers pooled resources. These resources can be free or pay-per-use and are accessed via the internet.
  • Private – As the name suggests, this option consists of cloud computing resources used exclusively by one business or organization. It can be hosted on premises or by a provider, but the services and infrastructure are always maintained on a private network. Private clouds are often used by financial institutions, government agencies, and other organizations that require more control of their environment.
  • Hybrid – This deployment option combines private computing resources and public services.

These new cloud-based business models offer many of the benefits noted above, but they also come with potential risks:

  • Financial – cost overruns, impact on business return on investment (ROI)
  • Privacy – entrusting the organization’s sensitive data to a third party
  • Compliance – inability to meet contractual, legal, and regulatory obligations
  • Security – access, misconfiguration
  • Performance and quality – degradation
  • Technical – inability of the business to adapt to dynamic technologies, incompatibility, and limitations on what and how much can be customized

Below are some best practices to help manage and mitigate these risks:

  1. Plan. Develop a cloud computing strategy that is aligned with your business strategy. This will help to manage investments and to deliver on business objectives while leveraging the benefits of a cloud service.
  2. Choose your cloud service provider (CSP) wisely. Perform vendor risk assessments for contractual clarity, ethics, legal liability, viability, security, compliance, availability, business resiliency, etc. Leverage independent audit reports to assess soundness of the CSP’s controls. Determine if the CSP has service providers they rely on to provide their services/solutions and scope accordingly.
  3. Adopt the cloud service delivery and deployment model that will facilitate achieving business objectives, minimize risk, and optimize the value of the cloud investment.
  4. Understand the shared security responsibility model defined by the CSP. The shared security model divides responsibility between the organization and the CSP. The model differs by CSP, so it is imperative to agree to clearly defined boundaries. Regardless of deployment, the customer is responsible for their own data, endpoints, identity, and access management.
  5. Do not store your encryption keys where your data is located. There are several methods to consider: storing keys on premises while data is in the cloud, separating the keys from your data through the use of virtual private clouds (VPC), or even utilizing commercial key managers located separately from your cloud ecosystem.
  6. Strategize not only for scalability but for availability. Establish redundancy by regions and zones.
  7. Deploy technical safeguards such as a Cloud Access Security Broker (CASB). A CASB is an on-premises or cloud-based security policy enforcement point placed between cloud service users and cloud service providers. It enforces the enterprise’s security policies as users access cloud-based resources. A CASB provides visibility into all cloud services in use, identifies risks, monitors data flowing in and out of the enterprise to the cloud, blocks threats from malware and APT attacks, provides audit trails, and facilitates compliance.
  8. Establish an end-to-end cyclical risk assessment of the cloud project throughout its lifecycle. Mitigate risks as described throughout this document. Monitor, test, and repeat. 

General Cloud Security Guidance

This section contains general, vendor agnostic resources and guidance on the implementation of secure cloud computing environments and on maintaining a secure operating environment.

Cloud Security Alliance (CSA) Security Guidance for Critical Areas of Focus in Cloud Computing v4.0


Federal Trade Commission (FTC) Six steps toward more secure cloud computing


NIST Cloud Computing Reference Architecture


Center for Internet Security (CIS) Shared Responsibility for Cloud Security: What You Need to Know


Vendor Specific Cloud Security Guidance

This section contains specific resources and guidance for configuring and maintaining a secure cloud environment for Amazon Web Services, Google Cloud Platform, and Microsoft Azure cloud platforms.

AWS Cloud Security: Shared Responsibility Model


Google Cloud Platform (GCP): Exploring container security: the shared responsibility model in GKE


Microsoft Azure Shared Responsibility for Cloud Computing


Cisco Cloud Security Solutions

This section contains specific Cisco products and resources that can be leveraged in cloud environments to enable enhanced management and monitoring of cloud environments.

How does Cisco secure the cloud?


Ryan Morrow

Incident Manager

Security and Trust Organization