Balancing small team demands with the need for cloud visibility - Lacework

Balancing small team demands with the need for cloud visibility

Mark Nunnikhoven - Distinguished Cloud Strategist

May 16, 2022

Balancing small team demands with the need for cloud visibilityThe AWS Cloud is full of promise. As a business, when you’re building in the cloud you want to be able to focus on solving your business problems. Traditionally, IT solved its own problems and created its own set of issues.

IT has a weight to it. Every system and solution in your environment requires operational effort and maintenance. As much as we’d love IT to run itself, it doesn’t.

Security is one area where the perceived operational effort and maintenance requirements can overwhelm even the most prepared teams. This only gets more acute when team members wear multiple hats.

Focusing your efforts

In the cloud, you have the ability to implement solutions that allow you to focus your efforts. It would be nice if you could reduce them, but that’s not realistic. Your goal is to make sure that all of your efforts—and spend— deliver as much direct value as possible.

You don’t want to have to spend time upgrading the server that will allow you to upgrade the component in order to actually roll out the solution to your problem.

To make informed choices, you first need to understand how operations—which includes security—works in the cloud.

Thankfully there’s a simple model that governs all cloud services; the shared responsibility model.

The model is well named, as it lays out what operational work is the responsibility of the cloud service provider and what you are responsible for.

Working the model

In the model there are six areas where daily operational work is required. Those areas are; physical, infrastructure, virtualization, operating system, applications, and data.

When you’re working in traditional, on-premises environments, you are responsible for all of the work across these six areas.

Moving into the cloud—regardless of the service—you immediately delegate at least half of that work to the cloud service provider (CSP). In the cloud, you are never responsible for the physical, infrastructure, or virtualization layers.

That’s a win right away. From the model, we can then infer that the more services we can use that are towards the right hand side, Software-as-a-Service or SaaS, the more benefit to your business.

As with anything in technology, there’s a trade off. In this case, the further towards the right you go in the model, the less customization is available.

That’s ok though. Your best strategy as an organization with limited resources is to start as far right as possible and only “fall back” and take on more work where it’s absolutely necessary.

That’s the best way to optimize efforts.

Security Impact

What that means for your security posture—the overall status of your security efforts—is that you’ll be dealing with a variety of cloud services. Somewhere you can add your own security controls, and others where you’re reliant on the CSP’s efforts.

The good news? Your approach to your cloud security efforts should follow a simple pattern: visibility, insights, and action.

Start with visibility.

You need to understand what’s going on in your environment. In line with the overall goal of optimizing your efforts, this work will not only help with security threats but will also help identify the far more common misconfigurations that lead to these security issues.

Spotting these misconfigurations early allows you to correct them before they become an issue.

With the variety of cloud services in use and—hopefully—the pace at which your teams are deploying your solutions, mistakes will happen. Being able to reliably spot misconfigurations and resolve them will give you the biggest return on your investment.

Insights to actions

With strong visibility of what’s happening in your cloud environment. You want to be able to derive insights from what you’re seeing. These insights should drive your team to action.

The key is prioritization. With all of the activity in your cloud environments, you need to make sure your teams are working on top priority items.

Don’t worry if you’re not driving insights right away, focus on visibility. Understanding what’s going on will naturally lead to insights and actions.

In order to help with that, we’ve pulled together an ebook to help you understand the steps needed to gain visibility and other actions you can take to improve your security practice in the AWS Cloud. “Simplify AWS security for small businesses” is a shareable resource that will help get your team on the same page and streamline your security efforts.