Picture this — you’re the captain of a ship, ready to embark on a voyage across the vast ocean of data. Your journey demands two vital components: the structural integrity of your vessel (that’s your cloud platform) and your command over navigation (how your data is managed). Today, we’ll unpack these two interconnected concepts:
Security OF the Cloud and Security IN the Cloud. These aren’t interchangeable; they’re two sides of the same coin.
The Safety of Your Ship: Security-of-the-Cloud
Think of Security-of-the-Cloud as the shipbuilder’s guarantee. It’s the assurance that your vessel (the cloud platform) is sturdy, resilient, and built to weather any storm. In this aspect, your cloud service provider (CSP) like Amazon Web Services (AWS), Google Cloud, or Microsoft Azure steps up. They construct the cloud platform with rigorous security measures. For instance, they protect their data centers with a multi-layered physical security model, including:
- Perimeter fencing
- 24/7 security personnel
- CCTV surveillance
- Biometric access controls
On the network front, they deploy security measures like firewalls, web application firewalls (WAFs), and distributed denial of service (DDoS) protection systems.
The CSP also ensures its servers are configured securely, free from vulnerabilities through system hardening techniques and regular updates and patches. They create virtual machines (VMs) or containers for each client using hypervisors, providing isolation between different clients’ workloads.
But as we know, a well-built ship isn’t all you need for a successful voyage.
Navigating the Cloud Waters: Security-in-the-Cloud
Now, let’s turn to Security-in-the-Cloud: the navigational rules that guide how you sail the high seas. Even though you have a sturdy ship, you still carry responsibility as the captain to guarantee the safety of your crew (your employees), protect your precious cargo (your data), and steer your vessel (your business operations) away from potential dangers. Here’s your quick, actionable guide to mastering the responsibilities of Security-in-the-Cloud:
- Access Management: It’s like assigning roles on your ship. Using Identity and Access Management (IAM) practices, such as multi-factor authentication (MFA) and role-based access control (RBAC), you delegate access rights based on roles. Not everyone on board needs access to the wheelhouse.
- Data Protection: Consider your data as valuable cargo. Protect it using encryption for data at rest and in transit. Techniques like Transport Layer Security (TLS) and AES-256 are your go-to measures, forming an unbreakable safe amidst the unpredictable digital seas.
- Security Monitoring and Incident Response: Your digital sea is full of threats. Security Information and Event Management (SIEM) systems are your radars, spotting and countering threats in real time.
- Secure Application Development: Regular maintenance of your ship keeps it sailing smoothly. Similarly, secure development practices like input validation and prepared SQL statements keep your applications robust and secure, ensuring smooth operations.
Now, imagine a situation where a booming e-commerce company, let’s call it “E-Ship”, decided to migrate its services to the cloud. The CSP they partnered with offered top-tier security-of-the-cloud, but they overlooked their security-in-the-cloud responsibilities.
Without adequate access management, an employee’s compromised credentials led to a data breach, costing E-Ship both its reputation and customers.
Managed Service Providers — Your Competitive Edge
The stormy seas of the digital world can be challenging to navigate, but an experienced first mate can make all the difference. That’s where a Managed Service Provider (MSP) like Skaylink comes in. We’re experts in navigating Security-in-the-Cloud responsibilities. We’ve steered countless businesses, just like E-Ship, through smooth and stormy seas, ensuring their voyage to success is secure and efficient.
By implementing robust IAM policies, Skaylink can ensure that only the right crew members have access to your valuable cargo. We use industry-leading encryption techniques and cutting-edge SIEM systems to protect your data and detect threats in real time. Plus, our experts can help fortify your applications with secure development practices.
As your trusted first mate, Skaylink allows you to focus on steering your business toward new horizons while we navigate the complex waters of Security-in-the-Cloud. With Skaylink, you’re always on course for success, regardless of how stormy the digital seas may become.
A Lesson From History — Act Sooner Not Later
Now let’s anchor these concepts in a real-world scenario. Remember Code Spaces, a thriving hub that provided developers with source code repositories, issue tracking, and project management services? Their operations came to a grinding halt in 2014 when a hacker gained unauthorized access to their Amazon EC2 control panel, causing irreversible damage.
The intruder demanded a ransom. As Code Spaces tried to wrestle back control, the hacker retaliated by deleting most of their data, backups and machine configurations.
The company couldn’t recover from the damage, and it ultimately closed just 12 hours after the hack.
And Amazon was not at fault here: the EC2 instance they were using was just as secure as any other. Security OF the Cloud practices didn’t fail them; Security IN the Cloud practices did.
Had Code Spaces implemented a more robust set of security practices, their story could have been markedly different. They could have implemented stringent access controls and multi-factor authentication (MFA), minimizing the risk of unauthorized access.
Moreover, if a breach had occurred, a robust disaster recovery plan should have come into play. They could have ensured backups were securely stored and isolated from the primary system, allowing for swift data recovery. This strategy could have potentially saved Code Spaces from closure.
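As an added illustration of the access-control point above (not code from Code Spaces, AWS, or Skaylink), this Python script audits an IAM policy document for destructive actions that are allowed without an MFA requirement. The action list, function names and both sample policies are constructed for this example, and it assumes identity policies with no explicit Deny, NotAction or resource scoping.

```python
import fnmatch

# Destructive calls of the kind used to wipe instances and backups.
# The selection is an assumption for this example, not an exhaustive list.
DESTRUCTIVE = ["ec2:TerminateInstances", "ec2:DeleteVolume", "ec2:DeleteSnapshot",
               "ec2:DeregisterImage", "s3:DeleteObject", "s3:DeleteBucket"]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _enforces_mfa(stmt):
    # On an Allow, only "Bool" enforces MFA. "BoolIfExists" evaluates to true
    # when the key is absent, which is the case for long-term access keys.
    cond = stmt.get("Condition", {}).get("Bool", {})
    for key, val in cond.items():
        if key.lower() == "aws:multifactorauthpresent":
            return [str(v).lower() for v in _as_list(val)] == ["true"]
    return False

def unprotected_destructive_actions(policy):
    """Destructive actions an Allow statement grants without requiring MFA.
    Simplified: ignores explicit Deny, NotAction and Resource scoping."""
    findings = set()
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or _enforces_mfa(stmt):
            continue
        for pattern in _as_list(stmt.get("Action", [])):
            findings.update(a for a in DESTRUCTIVE
                            if fnmatch.fnmatchcase(a.lower(), pattern.lower()))
    return sorted(findings)

# Constructed sample policies (not from any real account).
WEAK = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ec2:*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:DeleteObject"], "Resource": "*",
     "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "true"}}},
]}
HARDENED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ec2:Describe*", "s3:GetObject"], "Resource": "*"},
    {"Effect": "Allow", "Action": ["ec2:TerminateInstances", "ec2:DeleteSnapshot"],
     "Resource": "*", "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}},
]}

if __name__ == "__main__":
    print("weak:", unprotected_destructive_actions(WEAK))
    print("hardened:", unprotected_destructive_actions(HARDENED))
```

The second statement in `WEAK` is flagged even though it mentions MFA: on an Allow, `BoolIfExists` lets through requests made with long-term access keys, which carry no MFA key at all.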
This incident serves as a stark reminder of the value an experienced MSP can bring to the table. Someone who pushes you to do better, helps you patch up holes you didn’t even know existed, and prepares for the worst together with you.
By ensuring data safety, providing recovery solutions, and offering vital technical expertise, MSPs like Skaylink can help businesses avoid similar catastrophic outcomes.