Source: CSO Magazine On:
Research shows that organizations are moving systems and data to the cloud in rising numbers. Security when working in the cloud is just as important as in on-premises environments, but relies on a shared security responsibility model to mitigate against cyber threats. Read on for six reasons organizations around the world need cloud security – and how pre-hardened virtual images can help.
1. Configuration is key
Just like on-premises, cloud environments need to be reconfigured with secure settings. CIS Hardened Images™ are pre-configured to be compliant with CIS Benchmarks™ consensus-developed configuration recommendations. Spin up an image and get right to work knowing you’re protected from common configuration vulnerabilities like denial of service, insufficient authorization, and overlapping trust boundaries threats.
2. Stay up to date against threats
Cloud images should be updated frequently to include the latest security updates and patches. Because they’re updated regularly, CIS Hardened Images are a convenient way to compute with confidence that your security is current. It’s easy to reduce your organization’s cyber risk surface by using the latest versions of the CIS Hardened Images.
3. Security where you are
One of the allures of cloud computing it its accessibility – being able to reach important files and applications from anywhere in the world. But convenience comes with the responsibility to secure your organization’s systems and data. Pre-hardened virtual machines are available on the AWS Marketplace, Microsoft Azure, and Google Cloud Platform – so no matter which cloud provider you use, you can make security a baseline part of your cloud infrastructure.
4. Peace of mind
Base images often prioritize ease of use over security, leaving gaps that can cause cyber attacks. Applying strong baselines like CIS Hardened Images can close these gaps and increase your organization’s cyber defenses. The CIS Hardened Images are preconfigured according to CIS Benchmark configuration guidelines – community developed and trusted by users in the business, academia, and non-profit industries.
Scaling resources to meet your organization’s needs is one of the primary benefits of cloud computing. If you require additional power for graphics or processing, or have shifting storage needs, it’s easy to adjust your cloud environment. However, your security should scale with it. Like traditional virtual machines, pre-hardened images adjust to meet your computing needs. As hardware capacity and CPU requirements shift, you can spin up or wind down machine instances – while maintaining strong cyber defenses.
Organizations have come to depend on cloud infrastructure much like they do on-premises environments. Critical applications, files, and work processes are all conducted using virtual machines. CIS Hardened Images are available from trusted cloud vendor programs including Google Shielded VMs and Amazon’s Authority to Operate. They are trusted by thousands of users around the globe to complete millions of compute hours of work each month.
About the Author
Sean Atkinson is Chief Information Security Officer of CIS®
Sean Atkinson is Chief Information Security Officer of CIS® (Center for Internet Security, Inc.). He uses his broad cybersecurity expertise to direct strategy, operations, and policy to protect CIS’ enterprise of information assets. His job responsibilities include risk management, communications, applications, and infrastructure. Prior to CIS, Sean served as the Global Information Security Compliance Officer for GLOBALFOUNDRIES, serving Governance, Risk and Compliance (GRC) across the globe.