Security Responsibilities in the Cloud
In the on-premises world, organizations are responsible for the security of the full stack, including the network, app, compute, and user layers.
When they move to the cloud, organizations sometimes think the vendors are fully responsible for the security of applications. But, that’s actually not true. The cloud vendor is responsible for the security of the infrastructure, including the network, compute, and app layers. But, the organization itself retains responsibility for their users. This includes looking for compromised accounts and behavioral anomalies using technologies such as User and Entity Behavior Analytics (UEBA).
Where it gets particularly interesting is with Infrastructure and Platform as a Service (IaaS and PaaS). The cloud vendor is still responsible for the network and compute layers, but the organization is responsible for the user and app layers. This includes custom home-grown apps they develop as well as the the applications they purchase and download from Force.com and the AWS marketplace.
The CloudLock CyberDev Platform
The CloudLock® CyberDev Platform™ offers security for the applications you build. This includes defense against compromised accounts using UEBA, and defense against data breaches using Cloud DLP.
We offer two options within the CyberDev Platform. The first are the CloudLock CyberDev APIs which connect to custom apps using a series of restful APIs. The advantage to this approahc is that it’s very flexible: you can protect apps you build in the cloud and on-premises.
The second option is CloudLock CyberDev for IaaS and PaaS apps, where we pre-integrate with popular platforms such as Force.com and AWS to automatically and codelessly protect the apps you build on top of those platforms.
How Can This Benefit Your Organization?
Find out when you request a Free Security Assessment. Witness the value of unparalleled visibility, control, and peace of mind when you uncover vulnerabilities across your entire cloud environment– SaaS, PaaS, IaaS, and IDaaS:
- Expose potential compromised accounts, cloud malware, or data security violations
- Validate adherence with internal or industry-governed regulations – PCI, HIPAA, FERPA, and more
- Receive a business analysis, mapping findings to your organizational goals