nasscom Community

Cloud for Innovation. Zero Trust for Protection

2 Mins read

Did you know Moderna was able to deliver its first set of mRNA-1273 to the National Institutes of Health for phase one trial within six weeks of initial sequencing of the COVID-19 virus? This feat was possible due to Moderna’s proprietary cloud-based research and development platform. The medical and pharmaceutical industry was on the frontlines of the battle against the pandemic, racing to save lives and restore livelihoods. O one of their most crucial and yet least-known weapons was the cloud!

Until a few years ago, cloud computing was another way to streamline IT infrastructure and lower operating costs. Today, it is the go-to platform for driving enterprise transformation and exponential growth. However, as organizations migrate more workloads from on-premises and datacenters to the cloud, the attack surface increases, and cybersecurity becomes a top challenge for InfoSec teams.

Businesses tend to assume automatic breach protection when they move to the cloud. That is a grave misconception, one that can cost companies financial and reputational loss. A recent report found that cloud security incidents increased by almost 20% in the year 2020. Cloud platforms are multi-tenant environments that serve a global customer base—and while a good provider is likely to maintain the integrity of this shared infrastructure, that itself is not enough.

Cloud, after all, is a self-service platform that requires users to meticulously define controls specific to each of their workloads and resources. These configurations, when not set correctly, make your applications and data vulnerable to attacks. Moreover, with the cloud, there is no physical perimeter to protect—there are thousands of users and points of potential failure residing outside of traditional security borders and protocols. Bottom line, when moving to the cloud, the concept of protective perimeter changes, and in extension, so does the idea of security. It’s time to transform security in tandem with your business!

Zero Trust: Need of the Hour

Based on the “never trust, always verify” rule, Zero Trust is a strategic approach focused on solving security problems inherent to most digital ecosystems. Due to its modern approach and effective use of new-age technologies, Zero Trust has quickly emerged as the best possible solution for organizations of all sizes to secure their networks across on-premises, hybrid, cloud, and multi-cloud.

Traditional security approaches consider trust to be a static factor i.e. if a user or device is within company premises, it is granted server access along with a host of privileges. However, a Zero Trust model works on dynamic control, where access is only provided based on “who, what, why” factors. Zero Trust brings together context and visibility – two essential elements in organizational protection and transformation.

Zero Trust marks a philosophical and strategic shift in security practices. It fortifies organizations’ overall security and ensures complete utilization of applications without disruption or a negative user experience. After all, the cloud, with all its benefits, is no more inherently secure than its traditional host counterparts. So, begin your Zero Trust journey today to create and protect a cloud-enabled organization and drive transformational growth.