The growth and popularity of the public cloud continue to drive more data beyond traditional IT security protections—into data center environments no longer owned, managed, or controlled by corporate IT. On-premises IT security controls do not touch the cloud, leaving customer data at risk from the same types of threats targeting assets and applications in corporate data centers. Whatʼs more, malware introduced into the cloud can easily propagate among VMs, attack virtual segments, or even ride unimpeded over VPN links back to corporate networks.
Public cloud networks are built upon a unified, multi-tenant platform utilizing a shared infrastructure to support millions of simultaneous customers worldwide. Foundational to public cloud environments are enhanced security, operational management, and threat mitigation practices that protect the infrastructure, cloud fabric, hypervisors, services, and tenant environments.
While public cloud providers deliver strong security controls to protect the cloud fabric, they have
no knowledge of “normal” customer traffic and thus are unable to determine malicious content from benign. This presents a big challenge to security administrators to provide the same security protection against the latest fifth-generation (GenV) cyber-attacks targeting the cloud as they do on-premises. A defense-in-depth strategy for the cloud should also include protecting all workloads and data from exploits, malware, and other sophisticated attacks.
To fully embrace the cloud, businesses need to understand where the balance of responsibilities lies between protecting the cloud infrastructure (incumbent upon the cloud provider) and protecting the data that resides in the cloud (incumbent upon the customer). This is what public cloud providers refer to as the shared responsibility model.
In this whitepaper, you can learn how to fulfill your shared security responsibility with Check Point CloudGuard. Download it today!