One of the presentations that I delivered this year at TechED Brazil was about On-Premise Security while Migrating to the Cloud. There are many reasons to migrate to the cloud and during this presentation I emphasized the three core elements below:
While those core elements sounds very good, we must also be alert for the new challenges that comes with this adoption, such as:
New Threat Landscape
The presentation was really focus on the second bullet (on-premise security). Some of the reasons why this is still an important point to address include:
The misconception that the migration to the cloud means offloading your security to the cloud provider is just plain wrong. You need to be diligent because at the end of the day it is your data that could get compromise if you relax the on-premise security. You should adopt a defense in depth approach. All the elements from the endpoint to the cloud must be secure, not only the hosts, but the path and the remote clients. Here is a typical example of how this will look like:
There are five key elements in this diagram
In summary the path to the cloud requires a lot of planning to make sure that your users can have a seamless experience while you keep your data secure.