In today’s rapidly evolving IT landscape, one concept stands out as a game-changer: cloud-native computing. As organizations transition from traditional on-premises infrastructure to cloud-based solutions, they are altering where their data and applications reside and how they are built, deployed, and secured in this ever-shifting digital terrain. To understand what a holistic approach to cloud-native security involves, we interviewed Priyanka Kulkarni Joshi, a former researcher, aspiring CISO, and Cybersecurity Specialist at UBS who specializes in online security research, planning, execution, and maintenance.
Priyanka is also an expert in audits and risk management, ethical hacking, and compliance, and has previously managed various freelance security projects. She has excellent managerial skills and an impressive track record in the IT security industry, and was nominated as the 2020 Cyber Spartans Award winner. Drawing on her experience in cloud security, she delves deep into the transformative power of cloud-native environments and, more crucially, security’s pivotal role in this shift. The article also explores the fundamental challenges and best practices and provides insights into safeguarding your cloud-native infrastructure.
What is the significance of cloud-native security in modern IT environments?
The significance of cloud-native security in the modern IT environment lies in customizing security capabilities for cloud platforms. Implementing cloud-native security is crucial for safeguarding companies against potential threats and unauthorized access to their data stored in the cloud. This includes sensitive business content related to client orders, designs, requirements, financial information, etc. Additionally, this measure aids in averting data leaks and the theft of sensitive information. Safeguarding data is paramount for upholding the trust of your customers and securing the assets that underpin your competitive edge.
What common security challenges are specific to cloud-native applications and infrastructure?
Some of the most common challenges in security implementation could be listed as:
- Cost of security resources
- Lack of visibility in a distributed system
- Reliability issues
- Keeping up to date with outdated technologies
- Monitoring microservices
- Ability to filter important metrics from the pool of metrics
- Identifying the right tools or platforms
- Security and compliance
- Lack of technical expertise
Can you help us understand the shared responsibility model from the perspective of containerized application security?
The shared responsibility model in containerized applications is a security and compliance framework that portrays the obligations of cloud service providers and container security stakeholders. It is a critical part of a comprehensive security assessment, which protects the application from potential risk and uses a combination of security tools and policies. As the definition simplifies, this model is responsible for every aspect of the cloud environment, where the data security in the cloud, encryption of data at rest and data in transit, and group configuration would be saved when applied to the containerized applications in use.
What are the best practices for securing serverless applications in a cloud-native architecture?
The best practice to ensure serverless security involves securely storing sensitive data (such as credentials, PII, SSN, etc.) in protected databases. Further security enhancement can be achieved by managing and restricting access, ensuring a secure and limited accessibility framework.
Some best practices can be practiced as follows:
- Minimize the function roles
- Monitor the log functions
- Employ API gateways
- Always scan for bad code (review each before it’s out)
- Perimeter security should be tough, and the function levels as well.
By upholding this practice, we can assign specific privileges to individual functions, ensuring that these privileges are confined to the narrowest scope required. This approach enhances perimeter security and mitigates potential attacks’ impact.
How can you ensure the security of microservices and APIs in a cloud-native ecosystem?
Ensuring the security of microservices and APIs in a cloud-native ecosystem is a huge task, and both APIs and microservices play a key role in cloud-native environments; microservices serve as the cornerstone of distributed and shared computing resources. Conversely, APIs are a very efficient way to streamline the operations and development tasks with the operational team and ensure that the services used each time are properly isolated from the other tasks.
There are a few ways that we can secure the microservices architecture:
- Use HTTPS
- Scan for any dependencies
- Mitigate loopholes
- Cover security bases
- Use access and identity tokens
- Know the cloud and cluster security
- TLS security and secret management
- Extended authentication needs to be managed.
- Access logging
What, according to you, are the key components and considerations to achieve a comprehensive cloud-native security strategy?
Some of the key components for comprehensive cloud-native security can be listed as:
- Data protection
- Incident response
- Detection controls
- Access management
- Encryption management
What do you best suggest for responding to a security breach or incident in a cloud-native environment?
Responding to a security breach or incident in a cloud-native environment should be like the cyber incident response. In contrast, a cloud-native attack breach frequently follows a typical progression of a legitimate user account compromise, account reconnaissance, privilege escalation, resource exploitation, data exfiltration, and credentials. The cloud incident response is similar to traditional incident response regarding planning, procedures, and controls that facilitate incident detection and response action. However, as cloud deployment involves a shared responsibility model, having a little knowledge about cloud deployment incident preparation key and the incident strategy would ensure an effective response to the security incidents, which will help businesses effectively navigate IT disruption.