Can The Amazon Web Services Model Extend To Security?

Lessons Learned From Cloud Computing Could Help You as You Design Your Next-generation Network Security Architecture…

Many years ago a Seattle-based book seller set about figuring out how to operate their services more efficiently and at scale, inadvertently piloting one of the largest paradigm shifts in the IT world. Yes, I’m talking about cloud computing. Cloud computing, birthed by Amazon, and quickly embraced by Google and Microsoft, is now surging out into the mainstream and will eventually become the new IT model for many enterprises.

Much has been written on the Amazon Web Services (AWS) business model and its architecture, and enterprises like Netflix who have migrated to AWS love it.

By all indications, the business appears to be thriving, although there continues to be a shroud of secrecy surrounding it. The exact details of AWS revenue are not disclosed, but are included in the “other” portion of Amazon’s revenue. In the third quarter of 2012, this “other” part of Amazon’s business accounted for revenues of $648 million out of overall revenue of $13.8 billion, 60 percent more than in the same quarter a year earlier. If we assume only half of this revenue is associated with AWS, this means that AWS could possibly be an operation with an annual run rate of more than $1.3B. Pretty sweet for an accidental service offering.

But what can we learn from Amazon’s successes here and its scalable, developer-friendly, flexible AWS model, and can any of these learnings extend to security—whether it is security operations, security architectures or security technologies?

Cloud Computing Might

The power of the cloud, and how various businesses are leveraging it within AWS, should not be underestimated for security. Pools of computing resources can now be used to optimize and accelerate security analysis. For example, a honeypot infrastructure running in various cloud infrastructures can provide network data about attacks and suspicious hosts across geographical regions. By leveraging virtualization and cloud technologies, multiple honeypots can be deployed on the same physical host.

Security vendors are already utilizing the power of the cloud for key security analysis. For example, security vendors are harnessing the computational power of the cloud to analyze unknown files for malicious behaviors as part of a comprehensive strategy to tackle modern malware and targeted threats. The power of the cloud enables hundreds of thousands of files to be analyzed in minutes, with a platform for malware that lets it do exactly what an attacker intended it to do. This means the malware can be observed in a protected “sandbox” without impacting an enterprise’s network. With the results of the analysis, a malware signature can be created, enabling protection at an unrivalled speed.

Developers Win

In the Amazon world, developers win. Because the AWS infrastructure was developed first by Amazon developers before being offered to other businesses as a service, the development platform is flexible, with technical features that provide developers various options to innovate and design their application of choice. Developers will continue to be the driving force in both the public cloud and within private cloud environments for security.

We can learn from this AWS model of embracing developers. Network security IT admins have a choice to work with developers and their goals of application delivery at scale or work against them, and be a burden to developers by trying to track and control their actions. Application developers want to be in control of their applications, they want to move virtual machine “servers” running these applications as they please, and they want to create new virtual machine workloads as needed.

Security, by its very nature, tends to be slow and ponderous with policy changes, approval processes for support of new applications and/or adopting new architectures. Security’s role is now to be more nimble, and embrace the dynamic nature of application developers and ensure compliance continues to be enforced in this environment. This means binding appropriate security policies to applications as they are created and moved. More importantly, it means automating this process to ensure that developers are able to execute change with greater speed, quality, consistency, and yet with a programmatic focus on security. If your security solution doesn’t exhibit these characteristics, it’s time to evaluate alternatives before your developers get frustrated and find some loopholes to bypass security.

Simplicity, not Complexity

With AWS came the concept of self-service of applications, but built on an application infrastructure platform with rich APIs. Developers can leverage this platform for their application delivery needs, without having to worry about the back-end infrastructure design or the protocol being used. For example, do you believe AWS customers care that their infrastructure is built on Xen, not VMware or Hyper-V? It’s all about simplicity, not complexity.

Similarly, in the security world, simplicity is key. If you’re looking through multiple network security management tabs to understand or define your security policies, then you are likely to make more errors. If you have to set security policies by ports and protocol, and continually update them as new applications are developed, then this operational burden will continue to be your Achilles heel, leaving you little time to focus on defining a network security strategy or performing proactive security analysis.

Don’t equate simplicity with ineffectiveness. Your security solution still needs to address requirements from the new threat and application landscape. But, if your security solution takes you days to configure, or you get a wave of despair every time you have to make changes to the security policies, then it’s not an effective solution.

Summary

There are various characteristics of the AWS model that we can extend to security — the ability to leverage economies of scale for security analysis, or to work more closely with application developers to embrace their speed of innovation. The bottom line is that cloud computing is a disruptive and transformational technology that will be adopted by enterprises in one form or another. Lessons learned from a cloud computing leader may help as you design, or consider, your next-generation network security architecture.

Written By

Danelle is CMO at Ordr. She has more than 20 years of experience in bringing new cybersecurity technologies to market. Prior to Ordr, she was CMO at Blue Hexagon (acquired by Qualys), a company using deep learning to detect malware, and CMO at SafeBreach, where she helped build the marketing organization and define the Breach and Attack Simulation category. Previously, she led strategy and marketing at Adallom, a cloud security company acquired by Microsoft. She was also Director, Security Solutions at Palo Alto Networks, driving growth in critical IT initiatives like Zero Trust, virtualization and mobility. Danelle was co-founder of a high-speed networking chipset startup, co-author of a Cisco IP communications book and holds 2 US patents. She holds an MSEE from UC Berkeley.
