When it comes to public clouds, IT security is always mentioned as a concern. That doesn’t mean that organizations won’t avail themselves of public clouds; it just means that their comfort level with IT security in the cloud is relatively low.
To help increase comfort levels with the Amazon Web Services (AWS) cloud, Logicworks has developed Cloud Patrol, an addition to its line of managed services for AWS, that makes sure IT security policies are consistently applied.
Jason Deck, vice president of strategic development for Logicworks, says Cloud Patrol borrowed principles originally applied by IT organizations that embrace DevOps and applied them to AWS security. The result is a highly automated approach to public cloud computing security that can be applied to the millions of lines of code running in AWS environments.
At its core, Cloud Patrol provides a framework that defines the tools and processes in a way that allows security rules, network foundations, and access policies to be replicated and centrally managed. Cloud Patrol then provides security teams a set of automated tests that continually check cloud environments for errors and vulnerabilities.
The goal, says Deck, is to help organizations manage AWS security with as little human intervention as possible.
For all the excitement about public cloud computing, the simple fact is that securing a public cloud is a more complex endeavor than securing an on-premise IT environment, simply because there are a lot more moving parts. In fact, while AWS has pioneered the whole concept of treating infrastructure as code, from a security perspective securing all those lines of code requires constant care and attention that ultimately should be automated as much as possible.
Besides, most IT organizations today don’t have the skills needed to secure a public cloud, and their chances of finding somebody with those skills hover right around zero.