Weekly CloudNews: The Confusion About Cloud Security


Welcome to this week’s edition of CloudBolt’s Weekly CloudNews!

Here are the blogs we’ve posted this week:

With that, onto this week’s news:

Cloud security is a shared responsibility. Where’s the confusion?

Samantha Shwartz, Cybersecurity Dive, March 15, 2021

“Ensuring the integrity and security of the cloud is a two-party responsibility. The Cloud Security Alliance defines the shared responsibility models as internal security teams owning apps, data, containers and workloads in the cloud while the CSP takes on the physical security of the cloud infrastructure. 

The heart of the shared responsibility model centers on humans and trust. Trust erodes when customers misunderstand what security measures fall under the CSP. More often than not, customers understand what’s expected of them, but confusion grows in the varying security requirements between infrastructure, platform and software cloud environments.” 

The cloud is green. Let’s get on with migration

David Linthicum, InfoWorld, March 12, 2021

“A new report from IDC shows that the continued growth of public cloud computing could prevent the emission of more than 1 billion metric tons of carbon dioxide (CO2) from 2021 through 2024.

Reduced power consumption and emissions means we’re basically doing more with less. The greater efficiencies from aggregated computing and storage resources are motivating enterprises to move from discrete corporate data centers to better utilized and shared resources in public clouds.”

Official: Executive Order to Address Cloud Security Through Procurement

Mariam Baksh, Nextgov, March 16, 2021

“The White House plans to double down on commercial cloud technology through an upcoming executive order in response to the massive hacking campaign that leveraged cloud services to gain broad access into the networks of several federal agencies.

In the so-called SolarWinds hack, perpetrators used a trojanized update of the network management company’s software as well as common techniques like password spraying to gain initial access into nine federal agencies and about a hundred companies. But they also exploited a weakness in Microsoft’s Active Directory Federation Service to jump to organizations’ cloud-hosted Office 365 accounts and move laterally to other parts of organizations’ systems.”

We’re here to help you anywhere on your hybrid and multi-cloud journey. Request a demo today.

Related Blogs

Cloud Cost Efficiency: Strategies to Optimize Rate and Usage

In the modern digital era, cloud computing has become an integral component of business operations, offering scalability, flexibility, and cost-efficiency.…

What is cloud fabric orchestration

Understanding the Cloud Fabric The cloud fabric encompasses all the different clouds, services, applications, tools, and threads interweaving to form…

Top 3 cloud financial management challenges

Introduction As cloud costs continue to rise, comprising an ever-larger share of IT budgets, there is increasing executive scrutiny on…