{"id":661093,"date":"2023-02-01T08:57:50","date_gmt":"2023-02-01T06:57:50","guid":{"rendered":"https:\/\/businesstech.co.za\/news\/?p=661093"},"modified":"2023-02-01T09:12:30","modified_gmt":"2023-02-01T07:12:30","slug":"google-puts-more-power-behind-cloud-security-shared-fate-model","status":"publish","type":"post","link":"https:\/\/businesstech.co.za\/news\/industry-news\/661093\/google-puts-more-power-behind-cloud-security-shared-fate-model\/","title":{"rendered":"Google puts more power behind cloud security, \u2018shared fate\u2019 model"},"content":{"rendered":"<p>Google Cloud\u2019s <strong><a href=\"https:\/\/cloud.google.com\/blog\/products\/identity-security\/google-completes-acquisition-of-mandiant?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>recent acquisition of Mandiant<\/strong><\/a><\/strong>, a leader in dynamic cyber defence, threat intelligence and incident response, will significantly strengthen Google\u2019s already-robust cloud security.<\/p>\n<p>This is according to Louis van Schalkwyk, Head of Technical Operations at Digicloud Africa, who says the Google Cloud security portfolio is simplifying and enhancing security for customers of all sizes.<\/p>\n<ul>\n<li><strong><a href=\"https:\/\/www.digicloud.africa\/security-with-google-cloud\/?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=January+2023\" target=\"_blank\" rel=\"noopener\"><strong>Click here for more information about Digicloud<\/strong><\/a><\/strong><\/li>\n<\/ul>\n<p>Says Van Schalkwyk: \u201cIn South Africa, there are still misconceptions around security in cloud infrastructure and workloads. At the one extreme, some organisations believe that moving to the cloud will automatically secure workloads.&#8221;<\/p>\n<p>&#8220;At the other extreme, some organisations think the cloud is not secure at all. The reality is that the cloud is not secure by default, but it\u2019s not insecure either. It\u2019s about how you configure your cloud security.&#8221;<\/p>\n<p>&#8220;What many people may not know, is that a lot of the tools and mechanisms Google uses to support its own security are available to customers. Google Cloud offers a strong and growing portfolio of tools to enhance and simplify cloud security management.\u201d<\/p>\n<p>\u201cWith the Mandiant acquisition, Google is increasing its global threat intelligence and attack surface management capabilities, and will use global knowledge to better protect customers in real time,\u201d he says.<\/p>\n<h3 class=\"my-4\"><strong>Shared fate in the cloud<\/strong><\/h3>\n<p>Van Schalkwyk says Google is evolving a \u2018shared responsibility\u2019 model to a \u2018shared fate\u2019 model, in which it actively partners with customers to deploy secure solutions in the cloud.<\/p>\n<p>\u201cResponsibility and accountability for security vary, depending on whether you\u2019re using infrastructure as a service, platform as a service, or software as a service,\u201d says Van Schalkwyk. \u201cFor example, when you run applications on your own infrastructure, you are in complete control, and responsible for, security at all layers from hardware to the application.<\/p>\n<p>Depending on how you architect your applications in the cloud, some or most of the responsibilities can shift to the cloud vendor. Security becomes a shared responsibility between the customer and the cloud provider.\u201d<\/p>\n<p>This diagram shows who\u2019s responsible for different areas when comparing on-prem with infrastructure, platform and software &#8211; as a service.<\/p>\n<p><a  data-lightbox=\"post-image\" href=\"https:\/\/businesstech.co.za\/news\/wp-content\/uploads\/2023\/02\/Picture3.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-661217\" src=\"https:\/\/businesstech.co.za\/news\/wp-content\/uploads\/2023\/02\/Picture3.png\" alt=\"\" width=\"1200\" height=\"1143\" srcset=\"https:\/\/businesstech.co.za\/news\/wp-content\/uploads\/2023\/02\/Picture3.png 1200w, https:\/\/businesstech.co.za\/news\/wp-content\/uploads\/2023\/02\/Picture3-300x286.png 300w, https:\/\/businesstech.co.za\/news\/wp-content\/uploads\/2023\/02\/Picture3-1024x975.png 1024w, https:\/\/businesstech.co.za\/news\/wp-content\/uploads\/2023\/02\/Picture3-768x732.png 768w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/a><\/p>\n<p>Van Schalkwyk notes: \u201cIt\u2019s important to note that the diagram provides guidance at a high level. In reality, applications hosted in the cloud might make use of several different solutions, so the security requirements aren&#8217;t as clear cut.&#8221;<\/p>\n<p>&#8220;There might be a misconception that moving to the cloud automatically makes your application secure (or not secure, depending on who you talk to). Moving to the cloud can offer improved security and risk mitigation but it can also introduce additional risks if not secured correctly.\u201d<\/p>\n<p>He believes that cloud providers should provide customers with a solid, secure foundation on which customers can execute the shared responsibility model.<\/p>\n<p>\u201cOn Google Cloud, this is offered through deployment blueprints that provide customers with curated, opinionated guidance to optimise native controls and service for a secured landing zone in the cloud.<\/p>\n<p>According to recent research by the <strong><a href=\"https:\/\/cloudsecurityalliance.org\/press-releases\/2022\/06\/07\/cloud-security-alliance-s-top-threats-to-cloud-computing-pandemic-11-report-finds-traditional-cloud-security-issues-becoming-less-concerning\/?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>Cloud Security Alliance<\/strong><\/a><\/strong> the top 3 threats to cloud computing are insufficient identity, credential, access and key management; insecure interfaces and APIs, and misconfiguration and inadequate change control. Google has put measures in place to help customers mitigate these.<\/p>\n<p>Says Van Schalkwyk: \u201cUnderstanding who is responsible for what is therefore essential to ensuring application security. That said, drawing a line in the sand to separate responsibilities isn\u2019t a great way to get going either.&#8221;<\/p>\n<p>&#8220;Luckily Google Cloud is offering customers their <strong><a href=\"https:\/\/cloud.google.com\/architecture\/security-foundations?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>security blueprints<\/strong><\/a><\/strong>, which offers implementation examples to ensure customers follow industry best practices.\u201d<\/p>\n<p>Google Cloud\u2019s <strong><a href=\"https:\/\/cloud.google.com\/architecture\/security-foundations?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>security foundations blueprint<\/strong><\/a><\/strong> covers what customers need to land security in the cloud before expanding. These blueprints cover a wide range of initial config areas to consider, from organisational structure and policy, authentication and authorisation, resource hierarchy, networking, key and secret management, logging, detective controls as well as general security guidance.<\/p>\n<p>Combining products and blueprints with integrated security best practices provides customers with the architecture and guidance they need to configure, build, deploy and operationalise secure applications.<\/p>\n<p>Furthermore, specific blueprints help customers protect specific workloads, applications or services. For example, <strong><a href=\"https:\/\/cloud.google.com\/architecture\/protecting-confidential-data-in-ai-platform-notebooks?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>securing PII in AI notebooks<\/strong><\/a><\/strong>.<\/p>\n<p>Van Schalkwyk says that Google\u2019s evolved \u2018<strong><a href=\"https:\/\/cloud.google.com\/architecture\/framework\/security\/shared-responsibility-shared-fate?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>shared fate<\/strong><\/a><\/strong>\u2019 approach offers security capabilities and tools throughout the customer\u2019s cloud journey: \u201cFirstly while you design and build (with security foundations \/ posture blueprints), secondly when deploying, putting guard rails in place through organisation policies and constraints, and thirdly, at run time, by providing monitoring, alerting and corrective-action features through services like <strong><a href=\"https:\/\/cloud.google.com\/security-command-center\/?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>security command centre premium<\/strong><\/a><\/strong>.&#8221;<\/p>\n<p>&#8220;Together these services \/ offerings help reduce risk and provide customers with a better security posture overall,\u201d he says.<\/p>\n<p>\u201cWith the recently completed <strong><a href=\"https:\/\/cloud.google.com\/blog\/products\/identity-security\/google-completes-acquisition-of-mandiant?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>acquisition of Mandiant<\/strong><\/a><\/strong>, Google Cloud will expand their end to end security operations even further, providing customers the best possible protection against threats, whether applications are hosted on prem, cloud or multi cloud,\u201d he says.<\/p>\n<p>For more detailed information refer to Google Cloud\u2019s <strong><a href=\"https:\/\/services.google.com\/fh\/files\/misc\/google-cloud-security-foundations-guide.pdf?utm_source=BusinessTech&amp;utm_medium=Article&amp;utm_campaign=February+2023\" target=\"_blank\" rel=\"noopener\"><strong>security foundations whitepaper<\/strong><\/a><\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google Cloud\u2019s recent acquisition of Mandiant, a leader in dynamic cyber defence, threat intelligence and incident response, will significantly strengthen Google\u2019s already-robust cloud security.<\/p>\n","protected":false},"author":57,"featured_media":661125,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10459],"tags":[15881],"class_list":["post-661093","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-industry-news","tag-digicloud"],"_links":{"self":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts\/661093","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/users\/57"}],"replies":[{"embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/comments?post=661093"}],"version-history":[{"count":8,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts\/661093\/revisions"}],"predecessor-version":[{"id":661225,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts\/661093\/revisions\/661225"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/media\/661125"}],"wp:attachment":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/media?parent=661093"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/categories?post=661093"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/tags?post=661093"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}