Speaker: Dave Herrald, Principal Security Strategist, Google Cloud
Today's Topic: Cloud Security Basics
Dave Herrald: I think the first thing to understand about cloud security is that it changes your security boundaries and whether we realize it or not, our security controls are built into and around and upon these boundaries. So when those change, we can't rely on the same security controls that we've used for a long time. And if we broaden our view a little bit, there's another big challenge. And that's the way that your organization can use the cloud. And what I mean by that is I think of on-premises infrastructure, think back, it would take weeks or months or maybe longer to procure and deploy new infrastructure and that allowed security teams time to prepare for for the increase in workload or spikes in log volume or updates to tooling. Now with the cloud, a security team can wake up one day and the business may have doubled or tripled or more the number of systems and infrastructure to monitor and if your team and your processes and your technology are not built to scale better than linearly, then you can quickly become overwhelmed. If I had to give one piece of hard technical security advice to organizations moving to the cloud, it's this: Understand the identity and access management system of your public cloud service providers. In the cloud, IAM is very often the first layer of defense. It's often exposed directly to adversaries over the internet, and I would say that it's easy to recommend things like using multi-factor authentication for basically everything, and you should do that. But don't stop there. That's not really the point I'm trying to make. I think if you want to be secure in the cloud, you need to understand how service accounts work, how roles work, how capabilities are assigned and delegated, how secrets are managed, how metadata services work. And the fact that nearly everything in your cloud environment operates with a set of permissions and those permissions, if they're managed properly, can strengthen your security posture or they can be abused by an attacker to cause harm.