APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • Enterprise Architecture
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    Editor's Pick (1 - 4 of 8)
    left
    Enterprise Architecture's Dexterity Challenge

    Deepak Singh, MD-IT Strategy & Chief Enterprise Architect, Cushman & Wakefield

    Transforming the Role of Technology in Research and Education Institutions

    Khalil Yazdi, Consulting CIO and Principal, Yazdi and Associates, LLC

    Things You Should Consider for a Successful Cloud Migration

    Koray Sonmezsoy, Head of Architecture & Engineering, Li & Fung Limited

    Spring into Action! Growing Enterprise Architecture for Business Seasons

    Martha Tartal, EA, United States Patent and Trademark Office

    Enterprise Performance Management Key Success Factors

    Thomas Rondot, Chief Financial Officer, Danone

    Building an Enterprise Architecture to deliver strategic outcomes

    Kosta Hahladakis, Enterprise Architect, The Reserve Bank of New Zealand

    Building a Strategic Enterprise Architecture- Myth or Reality?

    Regine Deleu, GM Digital Architecture, Auckland Transport

    Automating Architectures for Rapid Delivery and Governance at Scale

    Robert Sang, 20 Digital Architect, Vector Limited

    right

    Getting your cloud security architecture right in 5 Simple Steps

    Sreekanth Iyer, Executive Cloud Security Architect, IBM India Software Labs

    Tweet
    content-image

    Sreekanth Iyer, Executive Cloud Security Architect, IBM India Software Labs

    Over the years, the role of the cloud has changed – it has matured. Today, cloud is the platform for innovation and business value. It offers simplified application development and delivery by providing infrastructure, platform and software services that are ready to use. Multi-cloud approach is becoming the new normal, while cloud’s shared-responsibility model, risk management and compliance are the key deciding factors for cloud adoption. Security is also a major concern while considering cloud adoption. To address this issue, getting the security architecture right is critical for any enterprise while moving to cloud platform. Here are five simple techniques to ensure you have the right cloud security architecture for your enterprise.

    Define an effective control framework, driven by enterprise CISO teams

    Any move to cloud needs an effective control framework, driven by enterprise CISO. The control framework has to assess and manage risk against the business goals. The strategic approach or framework requires implementation and extension of these controls to the cloud environment well within the IT budget. Continuous monitoring of threats, incidents, and the performance of controls using quantitative metrics is an essential mechanism for the enterprise to move to cloud securely. It is both the environment and controls which need to deliver the protection and security that meets the enterprise requirements to accelerate adoption of cloud with confidence.

    Adopt a workload and data centric approach

    Cloud security policies and requirements are increasingly driven by data classifications and type of workloads. You should consider your type of application, data sensitivity, importance of business process, and your user population to select the cloud deployment model that meets your needs. Conversely, some of the security capabilities and processes are driven based on your selection of the cloud.

    See Also:

    Top Cloud Technology Companies

    For instance, whether you want to leverage cloud for development and testing, or to rapidly develop and deploy innovative cloud-native applications or create cognitive solutions; each cloud adoption pattern has its own set of security requirements. Gaining a clear understanding of the various security options and how to apply them in your solution is crucial for successful and secure cloud adoption.

    Manage identity and access

    This involves two aspects - managing identities and governing user access to cloud resources; and managing access to your cloud applications. The cloud users include your developers, administrators who consume infrastructure, platform or services from the cloud. Cloud Identity and Access Management (IAM) is required to manage the identity involved in privileged activities and tracking their deployment and operations activities, like those performed by cloud administrators. Multifactor authentication may be used to verify user’s identity. For managing user and customer access to your cloud applications; Single Sign On (SSO) and Social login and User Profile tracking capabilities can be leveraged as a service from the cloud. For enterprise users, the solution should authenticate through enterprise directory while the end users can “bring their own identity” like Facebook, Google or any social IDs to access the cloud applications. You may also need to define access control policies for the cloud resources and cloud services. For example-users should access the minimum privileges from the granted privileges to complete the task; also setting detailed context based access control policies for specific resources will help improve the overall security level in the enterprise.

    Protect Infrastructure Data and Application

    Secure Gateway and Connectivity between the cloud and the enterprise is a key component in enterprise’s cloud strategy. Security systems like those available in traditional data centres are also available on cloud, to provide both network protection and isolation. Enhanced systems like, micro-segmentation and capability driven network security groups have recently been introduced to provide workload-centric connectivity or isolation.

    Another critical aspect is designing a secure dev-ops process that includes steps to identify and manage vulnerabilities in the VM, container and application code to prevent any attacks. The solution should cover techniques to encrypt data at rest (files, objects, storage) and in motion, steps on how to monitor data activity and to verify and audit data outsourced to the cloud. The encryption solution should be integrated with customer managed keys secured in a Hardware Security Module (HSM) to ensure complete control of your data in cloud.

    Gain Visibility

    Continuously monitoring each activity and event in the cloud is necessary for complete visibility of your cloud-based environments. Security and visibility can be enhanced in the virtual infrastructures by collecting and analyzing logs in real time across various components and services in the cloud. Visibility across virtualized stacks and IaaS, PaaS and SaaS clouds, gives a clear view of your enterprise cloud and insights into any associated risks while enabling the enterprise to better manage their audit and compliance processes.

    These five measures will act as your seat belt and air bags in your security architecture and will help your enterprise accelerate in the cloud journey with confidence.

    tag

    SaaS

    Identity and Access Management

    Weekly Brief

    loading
    Top 10 Enterprise Architecture Technology Consulting/Service Companies - 2020
    ON THE DECK

    Enterprise Architecture 2020

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Cultivating a Sustainable Future through Collaboration

    Cultivating a Sustainable Future through Collaboration

    Jiunn Shih, Chief Marketing, Innovation & Sustainability Officer, Zespri International
    Mastering Digital Marketing Strategies

    Mastering Digital Marketing Strategies

    Tasya Aulia, Director of Marketing and Communications, Meliá Hotels International
    Building a Strong Collaborative Framework for Artificial Intelligence

    Building a Strong Collaborative Framework for Artificial Intelligence

    Boon Siew Han, Regional Head of Humanoid Component Business & R&D (Apac & Greater China), Schaeffler
    From Legacy to Agility Through Digital Transformation

    From Legacy to Agility Through Digital Transformation

    Athikom Kanchanavibhu, EVP, Digital & Technology Transformation, Mitr Phol Group
    Change Management for Clinical Ancillary Teams: Aligning Practice with Policy and Progress

    Change Management for Clinical Ancillary Teams: Aligning Practice with Policy and Progress

    Ts. Dr. James Chong, Chief Executive Officer, Columbia Asia Hospital – Tebrau
    Digital Transformation: A Journey Beyond Technology

    Digital Transformation: A Journey Beyond Technology

    John Ang, Group CTO, EtonHouse International Education Group
    Building A Strong Data Foundation: The Key To Successful Ai Integration In Business

    Building A Strong Data Foundation: The Key To Successful Ai Integration In Business

    Richa Arora, Senior Director Of Data Governance, Cbre
    Transforming Tollways Through People, Data and Digital Vision

    Transforming Tollways Through People, Data and Digital Vision

    Carlo Cagalingan, Chief Digital Officer and Chief Information Officer, Metro Pacific Tollways Corporation
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://enterprise-architecture.apacciooutlook.com/cxoinsights/getting-your-cloud-security-architecture-right-in-5-simple-steps-nwid-4647.html