Eyal Arazi , of Radware , discusses the major security threats with migrating workloads to public cloud environments .

cloud environments opens up organizations to a slate of new , cloud-native attack vectors which did not exist in the world of premise-based data centers .

In this new environment , workload security is defined by which users have access to a business ’ s cloud environment and what permissions they have .

As a result , protecting against excessive permissions , and quickly responding when those permissions are abused , becomes the number one priority for security administrators .

Traditionally , computing workloads resided within the organization ’ s data centers , where they were protected against insider threats . Application protection was focused primarily on perimeter protection , through mechanisms such as firewalls , IPS / IDS , WAF and DDoS protection , secure gateways , etc .

However , moving workloads to the cloud has led to organizations ( and IT admins ) to lose direct physical control over their workloads and relinquish many aspects of security through the shared responsibility model .

As a result , the insider of the old , premisebased world is suddenly an outsider in the new world of publicly hosted cloud workloads .

IT administrators and hackers now have identical access to publicly hosted workloads , using standard connection methods , protocols and public APIs . As a result , the whole world becomes an insider threat .

75