Why is Cloud Security different from On-Premise Security?

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and welcome to cloud tech talks this is pritish i'm back with another video in this video i'm going to talk about why is security different for cloud versus on-premise and i'm not going to use the uh jargons or the terminologies of cloud security or on-premise security i'm going to try to instead explain in a with a layman definition trying to relate it to something which is uh you know more understandable for the audience so this is a very different video for you please stay tuned so what you see here what i've attempted to draw here is uh essentially a castle uh i hope it looks like a castle but it is a castle um and we we want to uh relate this to an on-premise uh environment right so let's consider this as on-premise because till the time we don't understand how security was looked at in the past or with on premise we can't look at it from the perspective of how it will look like in the future uh essentially cloud so we'll talk about cloud after we explain what on-premise security look like so let's say this is your on-premise security this is your castle this is where your server sits this is where you host your environment your applications all the users they have to come inside this castle and access that application right so if you're a hacker if you're trying to infiltrate into the castle you're trying to find your way or access to the application there are several levels of security you have to clear right so this is a road to the castle if you see the first layer is this river and i can't simply jump by this river it's too deep uh and if the flow is too fast uh it's not it's not so practical to to try to do that even if i manage to get over this river there is still this brick wall a huge brick wall which i simply cannot climb above and i can't get into uh the castle just by climbing up without having the right tools or accessories in place but once i do if let's assume i do get past the river i do get past the brick wall and i enter the castle and i have access to where it sits that's where a hacker gets access to what he wants to do and what kind of harm or intent he he has to essentially harm the organization or the company's infrastructure right so this is uh in a legacy way if you wanted to protect the castle you you would make sure that you have the right defense mechanisms in place uh right above the wall so essentially these would be the security points for you in terms of not letting anybody over the wall uh you would also protect the the barrier uh which essentially is is parallel to the river so you'd make sure that nobody can get past this point uh you know and nobody can can jump this uh and you have troops patrolling uh over here over here and over here as well just to make sure that they can't get access to this wall etc so all of these technologies that we used right so let's consider let's take an example that this was a firewall uh right and you're not able to penetrate this firewall you can't get access to the system so all of that internet traffic all that hacking traffic is trying to uh you know basically breach this wall which is not uh which is not how um uh you know without that it is not possible to gain access to the applications or intentionally harm the organization in any way that's how the on-premise security used to be that's how applications were built that's how infrastructure was run but today the landscape has changed and cloud is no longer deployed like a castle cloud is entirely different and the demands of customers have changed the way employees and consumers consume applications have changed as opposed to this now this is changed to these little homes all over the village which uh essentially are delivered as cloud services right and let's say they are a part of a giant cloud on the outside so this is your cloud environment uh this this is your micro service [Music] one this is service two this is service three right uh so if you look at the change in how this environment came about right now you don't have to look at this from the perspective for guarding a castle now you have to look at this from the perspective of how can i protect micro service one how can i protect micro service two how can i protect micro microservices three not only that i also have to make sure that the entire cloud that they are sitting on and they are being accessed from is also not uh breachable right so first level of security obviously the cloud itself second level of security the the microservice or the applications running on it the kind of architecture running on it and third which i cannot really depict in this photo is essentially how this house was built and how the code came about itself right so when i go deeper into the concept of cloud security i'll do a separate video talking about the differences between things like security posture management and workload protection so what i'm talking right now is more on the lines of uh workload protection or security management as well a combination of that so uh this is uh essentially the difference between how it used to be in in the past right so when people argue and people they say i have the security that i need and i can i can run the same firewall and essentially make sure that my applications in the cloud are also protected maybe some providers do have the extension or the ability to do it over certain clouds however it doesn't really mean that it was built for that right uh so when you look at cloud security when you look at applications running modern day in infrastructure modern day way of running apps if you're running a devops practice if you're running microservices if you're running containers if you're running kubernetes all of that is deployed across this cloud somewhere in form of modern day architecture right and that cannot be like a castle that cannot be uh just one way street and if you don't breach it you can't get into it right so here there are so many points of failure as far as security is concerned that you have to look at security differently and that's the message i want to give why security for cloud is different from how it used to be on premise furthermore if you look at it from the perspective of a combination a lot of organizations are now running hybrid clouds right so part of their application is running inside this infrastructure but part of it is running in the cloud or extending into the cloud so this creates more complexity this creates uh you know the uh ability to not have everything under one uh control plane and that's where you need to use some of those tools which essentially bring all of that to you right so when i touch upon some of the concepts deeper into cloud security i will talk about how you need to look at it from the perspective of tools which allow you to monitor security on premise and security in the cloud at the same time and not just rely on one side of uh of the story in order to protect your applications in your environment essentially your company this is what i had to explain i hope it was useful and hopefully you you you got a sense of why it is different these days in terms of security um until next one this is pritish signing off from cloud tech talks thank you

Info

Channel: CloudTechTalks

Views: 1,798

Rating: undefined out of 5

Keywords: DevSecOps, Cloud Security, Cyber Security, On premise security, Network security, Firewall, VPN, Application security, Code security, Cloud security posture management, Cloud workload protection

Id: kUBH0yw1usA

Channel Id: undefined

Length: 8min 9sec (489 seconds)

Published: Fri Apr 01 2022