Security in the public cloud is based on the concept of shared responsibility: The largest cloud service providers deliver a secure, hyperscale environment, but it’s up to the customer to protect everything it puts into the cloud. This separation of duties can be tricky for enterprises when moving to a single cloud but becomes even more complicated in a multi-cloud environment.
The challenge for CISOs is determining how the Big 3 cloud services providers—Amazon AWS, Microsoft Azure, and Google Cloud—differ in the way they provide a secure and resilient cloud platform. Which provides the best native tools to help protect your cloud assets? How can you make
Experts agree that all the hyperscalers do an excellent job protecting the cloud itself. After all, delivering a safe, secure environment is core to their business model. Unlike budget-constrained enterprises, the cloud services providers seem to have unlimited resources. They have the technical expertise and, as Doug Cahill, senior analyst at Enterprise Strategy Group (ESG) points out, “Given their massive presence across the globe, all the availability zones, points of presence, dark fiber around the planet, they see an incredible volume of malicious activities every day, which puts them in a position to be able to fortify their defenses based on that level of visibility.”
While the Big 3 tend to keep their internal processes and procedures close to the vest, they all do an excellent job protecting the physical security of their data centers, defending against insider attacks, and securing the virtualization layer upon which applications and development platforms run, says Richard Mogull, analyst and CEO at Securosis.