Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Skip to main content

Foreword

Welcome to the eighth edition of the Atos Digital Security Magazine! This issue gives you deep insights into the state-of-the-art for modern cloud security – a major topic for any company looking for new business advantages.

Tap into the benefits of cloud computing

Cloud computing offers a wide range of benefits for organizations of all sizes. It can deliver significant cost and efficiency gains, help them remain flexible, offer near endless scalability and enable companies to quickly adopt innovations to stay ahead of the competition. Those who adapt first will become technical innovators and position themselves as leaders in an ever-changing market.

Cloud security matters right from the start

Many organizations that migrate to the cloud treat cybersecurity (and cloud security in particular) as an afterthought — something that is only considered after the migration process is finished. This leaves the system vulnerable and causes organizations to miss an opportunity to deeply integrate security into the architecture.

Integrating security after migration has another drawback as well, as it can be particularly challenging. Incorporating the cloud into an organization’s existing security program is not as straightforward as adding a few more controls and dashboards. Instead, a thorough assessment of the business requirements and solutions in use is needed to develop an appropriate security strategy.

Wolfgang Baumgartner

Wolfgang Baumgartner
Head of Digital Security Consulting, Atos

The complexity of implementing cloud security

At Atos, when we perform a proactive cloud security assessment, we move through different environments to identify vulnerabilities and elevate our privileges. A common observation from these assessments is that many of our clients are unsure of their own set-ups. In order to successfully move to the cloud, they need to understand how the process works.

There are some stumbling blocks on the road — like the question of who will be responsible for the migration. Whoever is nominated as the responsible person is not necessarily trained for this action. Quick training from the provider will often solve the problem, but they build what they know (namely networks) and include only network security. Unfortunately, that covers just one part of the necessary measures.

The duality of the data layer (old school with packets, services running on virtual machines and data being transferred and stored) and the control layer (which orchestrates resources, permissions and security) must also be considered – a very complex situation.

Responsibilities and permissions

One key aspect to consider is that security in the cloud is always a shared responsibility between the public cloud provider and the user. Organizations often believe that the cloud is secure since “the big providers know what they are doing.” However, they may overlook that the provider is only responsible for physical protection in a data center and the virtual separation of the data for different customers. The user is ultimately responsible for everything that is stored within the cloud. Companies should not underestimate their own role in the security approach, because it is sometimes unclear where the responsibility stops — and it’s possible to build highly insecure applications on highly secure offerings.

Another important topic is permission management. It is common to use the deny approach, where existing permissions and options are restricted. Very often, the system’s cloud set-up is comparable to what our teams see in onsite security: everything is running as root and everyone has access to everything. The better approach is to decide beforehand who should be allowed to use a specific service.

A glimpse into the future

Organizations need a private, secure solution which is easy to deploy and manage without restricting functionality. Cloud security offers significant advantages such as more flexibility to react to ever-changing threats and a reduction of administrative efforts through intelligent tools. An adequate cloud security strategy also ensures not only the security of the organization’s core asset (its data), but also safeguards data in compliance with all legal requirements. It protects companies from the reputational, financial and legal consequences arising from security or data breaches.

Our experience shows that clients greatly appreciate a well designed and implemented security strategy — once they recognize its value. By securing your systems with a state-of-the-art security methodology, you can show your customers how carefully you guard their data, which will bring you a major competitive advantage.

In this issue of the Atos Digital Security Magazine, our experts cover a wide range of topics, spanning the current state of cloud-related cybersecurity to an outlook on where it is headed. You will learn how to securely migrate sensitive data, the top threats to PaaS/IaaS/SaaS environments and what a customer’s journey to sovereign cloud looks like.

Start building trust in your market with cloud security now!

Be the first to know the latest insights from the market.

The cybersecurity community is growing and is nurtured by the deep knowledge provided by the experts.
Register to our newsletter to be informed first of the release of next editions of Atos Digital Security Magazine.

It is each quarter, free and you can read it anywhere.

Thank you for your interest. You can download the report here.
A member of our team will be in touch with you shortly