Cloud cybersecurity is a joint responsibility
Atlanta moved more of its enterprise to the cloud after a major ransomware attack. But simply moving to the cloud isn’t a cybersecurity strategy in and of itself. Cloud security is based on shared responsibility.
In March 2018, Atlanta city agencies were infected with the SamSam ransomware virus. The incident knocked out many operations across the city government for weeks, including municipal court scheduling, online bill payments, and the public Wi-Fi network at Hartsfield-Jackson Atlanta International Airport, the world’s busiest. The recovery potentially cost taxpayers as much as $17 million.
Cloud-as-cybersecurity?
In response to this major attack , the city’s chief information officer recently touted the movement of even more of their enterprise to the cloud as an important component of their cybersecurity strategy.
“We’ve also made some transition to a lot of cloud services. Even before this happened, we had cloud services—a hybrid strategy,” Atlanta CIO Gary Brantley said in the city’s cybersecurity video update. “But we wanted to, kind of, move that percentage a little bit higher. And so, we’re in the process of doing that as well.”
Shared Cloud Cybersecurity Responsibilities
While public clouds certainly incorporate built-in security controls, it’s important to remember that simply moving to the cloud isn’t a cybersecurity strategy in and of itself. Cloud security is based on a shared responsibility model. AWS, for example, couches it as the “security of the cloud”—which is their responsibility—versus “security in the cloud,” which is the customer’s. Organizations can’t just expect to move to the cloud and then forget about cybersecurity.
Cloud service providers will protect the hardware and software infrastructure that runs all of its services, but network administrators are responsible for the security of their assets in the cloud.
The Role of DNS
DNS infrastructure offers a unique way to protect assets and compute wherever they may reside. Malware uses DNS 91% of the time, and is hunting for sensitive data wherever it may reside. BlueCat Edge detects, blocks, and quickly remediates cyberattacks across cloud and on-premises environments. When enterprises span multiple data centers and clouds or are being migrated from data centers into the cloud, DNS Edge can keep track of where assets reside and secure them in transit. Within any cloud environment, BlueCat Edge provides visibility and control over every DNS request and response, logging the source IP address for quick review and analysis to detect patterns of malicious behavior.
That cybersecurity model should include defense through DNS. The visibility Edge provides allows cities like Atlanta to keep their end of the cybersecurity bargain.
Published in:
Rebekah Taylor is a former journalist turned freelance writer and editor who has been translating technical speak into prose for more than two decades. Her first job in the early 2000s was at a small start-up called VMware. She holds degrees from Cornell University and Columbia University’s Graduate School of Journalism.
Related content
Micetro simplifies hybrid cloud DNS and IP address management
Learn how Micetro can help you simplify and streamline DNS and IP address management across hybrid and multicloud environments.
Three operational reasons to drop legacy tools and unify your DDI
Learn with BlueCat how visibility and control, process automation, and infrastructure reliability offer three reasons to adopt Unified DDI.
Simplify Microsoft DNS, DHCP, and Active Directory with Micetro
Learn how Micetro makes it easy to administer Microsoft DNS, DHCP, and Active Directory sites and subnets and manage your DDI environment.
Get insight into your DDI environment with Live DDI Analytics
Enroll in our technology preview today to use the Live DDI Analytics tool to get real-time reports and analysis for your DDI environment.