IT needs to step up its game when moving toward the cloud. Enterprises are storing an increasing amount of data in the cloud thanks to benefits such as lower capital outlays, increased configuration flexibility, and easy expansion. However, IT needs to find ways to secure those assets to the same level as internal data. Here are four factors IT needs to consider when protecting a cloud environment.
1. Centralized management:
In cloud environments, the emphasis is on the service being used rather than the individual servers and disk drives. In fact, it may be impossible for a cloud service subscriber to determine which servers, or how many, are used for any particular task, but IT still needs a way to manage access to that data. IT can protect the more amorphous cloud infrastructures by defining role-based rights centrally, which business managers can then manage as needed by their employees.
2. Service-oriented architecture:
Service-oriented architectures (SOA) provide access to existing functions on an as-needed basis by allowing users to subscribe to a service. SOA applications remove the specific locations of servers and data from the decision and operational considerations of users, so that the service can be used when and where needed. IT needs to establish policies and facilities that recognize and provision SOA resources as they are needed.
3. Federated ID management:
Cloud identity management systems differ from typical enterprise identity systems in that enterprise systems are concerned with internal roles and permissions as they relate to the positions held by the user within the organization. Cloud-based identity management systems may contain similar types of controls that rely on roles but are not necessarily tied to the same definitions that exist within the enterprise.
IT should develop a federated identity management system that connects internal roles and permissions to the cloud-based services in use. This linkage leads to consistent application of rights.
4. Access level-based permissions:
The combination of centralized management, SOA, and federated identity management makes it possible to define access levels to systems and resources based on need, at a highly granular level. Users are known to the system, and their access is controlled by defined roles. When these are combined into a coordinated and connected identity system, users can change jobs or take on interim roles, even under different supervisors, and still have precisely the right access to the resources they need, whether those resources are internally based or cloud-based.
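As an added illustration (not part of the original post), here is a sketch of a central mapping that translates dated enterprise role assignments into the roles each cloud service understands, so that an interim role or a job change adjusts cloud access automatically. Every role, user and service name is a constructed, hypothetical value.

```python
from datetime import date

# Constructed sample data; every role, user and service name is hypothetical.
# Central mapping from enterprise roles to the role names each cloud service uses.
FEDERATION_MAP = {
    "finance-analyst": {"reporting-svc": "viewer"},
    "finance-manager": {"reporting-svc": "admin", "storage-svc": "editor"},
    "hr-partner": {"hr-portal": "editor"},
}
# Privilege order used to pick the strongest role when several apply.
RANK = {"viewer": 1, "editor": 2, "admin": 3}

# Role assignments as (enterprise role, first day, last day); None = open-ended.
ASSIGNMENTS = {
    "alice": [("finance-analyst", date(2024, 1, 1), None),
              ("finance-manager", date(2024, 6, 1), date(2024, 6, 30))],  # interim
    "bob": [("finance-analyst", date(2023, 1, 1), date(2024, 3, 31)),     # old job
            ("hr-partner", date(2024, 4, 1), None)],                      # new job
}

def active_roles(user, on):
    """Enterprise roles the user holds on the given day."""
    return {role for role, start, end in ASSIGNMENTS.get(user, [])
            if start <= on and (end is None or on <= end)}

def cloud_roles(user, on):
    """Translate active enterprise roles into per-service cloud roles.

    Unknown users, expired assignments and unmapped roles yield nothing,
    so the default is no access.
    """
    granted = {}
    for role in active_roles(user, on):
        for service, cloud_role in FEDERATION_MAP.get(role, {}).items():
            current = granted.get(service)
            if current is None or RANK[cloud_role] > RANK[current]:
                granted[service] = cloud_role
    return granted

if __name__ == "__main__":
    for day in (date(2024, 5, 15), date(2024, 6, 15), date(2024, 7, 15)):
        print("alice", day, cloud_roles("alice", day))
    print("bob", date(2024, 5, 15), cloud_roles("bob", date(2024, 5, 15)))
```

Because the interim assignment carries an end date, the elevated cloud role lapses on its own instead of waiting for someone to remember to revoke it.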
As the proportion of enterprise data assigned to cloud-based systems increases, IT must assess overall needs, refine practices, and ensure all resources are secure. Centralized management is the starting point for effectively maintaining a growing enterprise network.
Scott Koegler is an independent business writer and the author of this blog. All opinions are his own. AT&T has sponsored this blog post.