A new adage is emerging in the cloud security world that context is the new perimeter.
If you believe this, and there is every reason to believe it, then it begs the question – Where is this context?
Why has the shift to the cloud made context so much more important?
To answer this question, it is worth stepping back to look at the broader changes behind the shift to the cloud.
As digital transformation has accelerated across industries, businesses have adopted cloud at a rapid pace.
In the emerging technological landscape, cloud adoption is being led by the business user.
Increasingly, configuration and management is also being done by the business user. Configuration includes such things as
This federated acquisition and configuration creates an interesting challenge for security teams. Security teams lack context.
IT and Security teams are almost always fully engaged in managing global services such as Office 365, SPAM filtering, end-point configuration, etc. However, when it comes to business applications, this is almost never the case.
It is the inbound marketing lead who knows why a specific user who is absent from the corporate directory, has access to tools such as Hubspot and Mailchimp. It is the engineering project lead who knows why a certain IAM role in AWS is configured with a cross-account policy to read data. It is the customer success engineer who knows that an API integration into Zendesk is necessary for customer data exports to be analyzed for customer satisfaction.
When it comes to the cloud, business teams have context.
A foundational principle of Zilla Security is that in a cloud first world, individuals outside of security teams play a significant role in security and compliance. Business users are not trained in security but care just as much about protecting the applications and data they use on a day-to-day basis.
Securing this new perimeter requires regular collaboration between IT & security teams and the business users they serve. Processes such as periodic access reviews and security reviews engage the business and provide a strong foundation for this collaboration. Automation can make these processes simple so that only critical changes take valuable time from the business user.
Context is the new perimeter and securing this perimeter is everyone’s responsibility. Tools like Zilla can help.