RedLock is now a part of Palo Alto Networks - READ MORE
RedTalk: Cloud Native Security vs 3rd Party Security
< Back

RedTalk: Cloud Native Security vs 3rd Party Security

by   |   10.10.18, 6:00 AM

Customers often ask if they should use cloud-native security controls or invest in 3rd party solutions. The answer, of course, is not binary. When probed for the meaning of ‘3rd party security solutions’ it typically reveals a desire to use existing on-premise security controls. After all, utilizing existing tools provides a certain level of comfort. Yet before jumping to technology decisions, it is wise to review both requirements and existing tools.

Security Tools Inventory

Quick self-check: How many security tools do you have in your existing environment and what risks do they reduce? There is power in knowing this information and yet for many, the answer is unclear. Your move to cloud should be an opportunity to rationalize existing security vendors and tools. While working to gather this information, don't forget to also include a list of risks each tool addresses. After all, security is about managing risk. Pair this information with what the cloud provider natively offers and only then will your team be ready to complete a gap analysis. Instead of guessing or going with the easy button, they will be able to make an informed decision on cloud-native vs. 3rd party solutions.

Requirements, Not Technology

When consulting with clients one of the first controls they ask about is firewalls or data loss prevention (DLP) {old habits are hard to change}.

Should we use our existing DLP solution in the cloud or should we use what the CSP natively offers?

This question, while important, more often than not indicates a focus on technology rather than requirements. If we ask the question focusing first on requirements, the answer becomes more clear.

Does the data in the environment have compliance requirements that would exclude the use of native CSP DLP capabilities?

RedTalk: Cloud Native Security vs 3rd Party Security

This focus on requirements is important for DLP as well as any other security tool. Specific to firewalls, in the on-premise world, there was only one option when it came to firewalls: buy a box. Yet Microsoft Azure, Amazon Web Services (AWS) and Google Cloud all have native firewall offerings. Native firewalls offer functionality similar to traditional firewalls but lack awareness of cyber threats that leverage lateral movement as well as intrusion prevention.

The above requirements-driven questioning can be utilized across the spectrum of security tools: Data loss prevention, hardware security modules, endpoint protection, identity and access management, etc.

Summary - Cloud Native Security vs 3rd Party Security

Use your move to the cloud as an opportunity to catalog all your existing security tools using a requirements-driven approach. Adopt CSP native controls when requirements permit and make sure any 3rd party solutions you are considering understand cloud-native APIs. Security must embrace APIs as well as a combination of CSP native and 3rd party controls or face the very real threat of limiting developer and business agility in the future.

This is where cloud-agnostic security tools such as the RedLock Cloud 360 Platform can help. RedLock leverages 100+ native cloud provider APIs to continuously aggregate volumes of configuration, user activity, host vulnerability and network traffic data without impeding digital transformation programs or requiring developers to change how they work.


Related Posts