Amazon, Google and Microsoft continue to pump out features that reinforce their varying perspectives on public cloud security, but they still don’t solve one of the biggest threats to cloud workloads.
The so-called Big Three cloud vendors have added a host of features this year to help users protect their workloads against threats, with slightly different approaches that highlight their products’ maturity and their own technological and cultural pedigrees. But one of the biggest obstacles to lock down workloads on these platforms persists: the customers themselves.
Security remains a top priority as enterprises evaluate a move to the public cloud. There are still scenarios where the cloud is unacceptable, particularly at corporations where data residency and other governmental restrictions are paramount, but by and large security is no longer a reason to reject a move to the cloud. In fact, the security practices and staffing behind these platforms are superior to what enterprises have built internally, according to most industry observers.
According toTim Prendergast
CEO and co-founder, Evident.io, “[Cloud] providers are innovating piece by piece, as they learn more about what attackers are doing to compromise workloads.”
Amazon has progressed the farthest to improve security, simply because Amazon Web Services (AWS) was first to market and lacked many of the tools to track and manage resources that are layered on the platform today. Once found mainly in startups, AWS is now commonplace at large enterprises due in no small part to upgrades of its cloud security tools in the 11 years since it began selling storage and compute resources.
Over the years, AWS has added identity and access management, configuration rules and other policy controls that have become common practice in the cloud. Many of its latest security upgrades reflect the platform’s maturity, with incremental improvements such as tighter integration with other AWS tools. Now, Amazon’s latest steps aim to protect customers from their own mistakes.