BLOG: Security 101 in the IBM Cloud

August 25th, 2021 BLOG: Security 101 in the IBM Cloud
Dave Santeramo
Security Architect

 

Cloud adoption has skyrocketed in recent years. Whether Hybrid Cloud, Multicloud, private or public cloud, the rate in which companies are moving to adopt cloud architectures has increased exponentially year over year. And the COVID-19 pandemic did not slow things down; in fact, cloud adoption has accelerated even faster.

Many of the core security principles that apply to data center architecture also apply to cloud environments. The biggest difference is speed. With the increased accessibility of cloud resources comes the increased risk that a configuration error can and will be exploited. Maintaining a continuous assessment of configurations across your cloud architecture is a key element to success when operating in the cloud.

Below are a few key building blocks to focus on when migrating your applications to the IBM Cloud.

 

Identity and Access Management (IAM)

A core component of any successful cloud deployment is identity and access management. Controlling and accounting for who is accessing your cloud resources is critical. IBM Cloud IAM integrates customer and workforce identity management into a single solution. IT organizations are no longer divided between internal and external identity solutions or standalone solutions to manage each application. Furthermore, IAM incorporates multi-factor authentication, which is a core part of any sound identity management security strategy. IAM logging is deeply integrated into other IBM Cloud services such as IBM Connect, Log Analyzer, and Cloud Activity Tracker.

 

Application Security

Designing, deploying, and maintaining a secure application is a must in today’s world. With the risks from a data breach growing every day, as well as the ever-present audit and compliance requirements, it is critical that applications be deployed using the most secure frameworks. IBM Cloud has been developed from the ground up to secure the most critical of workloads. Using services such as the IBM Cloud Kubernetes Services, Cloud Foundry, and Cloud Functions, an organization can be secure in knowing that security has been built into the framework from day one. Whether the application requires multitenant application isolation or advanced cryptographic services, all these capabilities are available for a development team to utilize.

 

Firewalls and Network Security

Same as in the data center, controlling access to your data starts with the network. A good solid firewall and network security architecture can greatly reduce the risks associated with the cloud. IBM Cloud has several firewall offerings. From the basic controls that can be put in place using Security Groups to more advanced security using third-party solutions such as Fortinet’s FortiGate and Juniper’s SRX firewalls, organizations have a wide variety of options for implementing a solid network security foundation in IBM Cloud. These third-party network security integrations are appealing since many of these solutions already exist in your data centers, making the learning curve for your network team much easier and implementations less prone to defects.

 

DDOS Protection

IBM Cloud is built from the ground up to provide protection against a Distributed Denial of Service Attack (DDOS). A DDOS attack is an attempt to deny your company and customers access to resources and data. The IBM Cloud can provide protection against application, protocol, and volumetric types of attacks. To further protect against the impact of a DDOS attack, the IBM Cloud has Web Application Firewalls (WAF) and global load balancing capabilities. Combining the DDOS mitigation capabilities with the built-in WAF and global load balancing will put any cloud-based application on a solid footing.

 

API Security

IBM Connect provides today’s cloud platforms with a scalable, high-performance security solution that can be used across multiple clouds. IBM Connect is a single encrypted gateway that uses a microservices architecture to scale. One of the key components of cloud is flexibility and scalability. Whether you are creating, securing, or managing multiple APIs, IBM Connect can be the solution that addresses the risks associated with the ever-growing challenges associated with securing API requests.

 

Certificate Management

Managing the ever-growing number of certificates required by applications in the cloud is becoming more and more challenging. IBM Cloud thought of a solution to the certificate challenge from the beginning. The IBM Cloud Certificate Manager is a free service that helps customers manage their digital certificates. The solution is easy to get started by using either the dashboard or CLI. For those with existing DevOps pipelines, the service can utilize Terraform for seamless integration.

 

Activity Tracking

Knowing who is performing what changes is a critical aspect of cloud architectures. For all of cloud’s ease of use, there is the inherent risk of someone making a mistake and permitting access to resources or data that is not supposed to be public. The IBM Cloud Activity Tracker provides an organization the visibility to record the tasks users perform across a multitude of services. Using a single activity tracking UI dashboard, an administrator can track and generate reports to meet a wide variety of compliance needs. Capturing user and application interactions gives any cloud security team the capability to investigate any security breach or unauthorized access.

 

Assessing Performance

Application performance is a key security component of a cloud architecture. Being able to assess performance over time and associated changes in performance can be indicators of more troubling issues. For example, if a group of hosts in a cloud environment begin to show significant latency in responding to requests, it could be a sign that the host might have been compromised. However, it could be perfectly normal. Without trending application performance, a security team would never truly know what is normal and what is worse.

 

Security Offerings

Information Security companies are developing solutions in the IBM Cloud that provide the same level of security control and visibility familiar to organizations. IBM security offerings assist organizations in the identification of risks in a wide number of Multicloud environments, including IBM Cloud.

Mainline is an award-winning, IBM Platinum partner, the highest partnership level in the IBM partner ecosystem. We actively collaborate with IBM to deliver significant value through groundbreaking and innovative solutions, and we help organizations architect best-fit solutions for their needs.

 

Activity Tracking

 

Mainline has expert security skills to help companies develop cybersecurity solutions to protect your environment. From analyzing the current architecture to designing and implementing a new solution, Mainline has the proficiencies necessary to put your cloud environment on secure footing, protecting it from cyber-attacks. For more information on security solutions, reach out to your Mainline Account Executive directly, or click here to contact us with any questions.

 

You may be interested in:

BLOG: Cybersecurity in a Remote Work-From-Home World

BLOG: Security Challenges in a Multi-Cloud Environment

BLOG: Improving Resiliency in Cybersecurity