There are stark differences between how to manage security policies for on-premises network environments and those that are 100% cloud-based. But many companies continue to struggle with those differences and have experienced plenty of pain as a result.
It’s a challenge Rich Mogull has spent years trying to help companies navigate.
Mogull, CISO at Firemon, recently appeared on Paul’s Security Weekly to discuss what cloud-based organizations need to consider if they are eying SASE and SD-WAN to expand network access for their users. The segment is sponsored by FireMon, whose compliance management tools create a proactive compliance posture that keeps ahead of violations instead of chasing after them.
Mogull discussed what he sees as the “democratization” of security:
“What used to be naturally centralized and gate kept has become a lot more distributed in the cloud,” Mogull said, adding that in today’s cloud environments, there is no more gatekeeping from the data center. The challenge is how to deal with privilege management, how to make sure one can engage with security teams across a vast array of siloes.
Watch the full episode to hear Mogull’s advice on how to navigate this strange, still-new world.
Beyond this Security Weekly discussion, Mogull has written a copious body of guidance for cloud security practitioners. In one such article, he offered the following recommendations for organizations struggling to keep security on the rails amid the massive shifts brought on by the pandemic:
- Start by fixing cloud governance.
- Speaking of governance, this is a great time to adopt the concept of the “security champion.”
- Improve your cloud security visibility.
- If you aren’t using multiple accounts to manage the blast radius of attacks, start now.
- Level up your cloud-native incident response.
- Perform a top to bottom review of your IAM/RBAC implementation and tighten it up.
Click the link and read the full explanation for each bullet point.