Going for Gold in Cloud Security
The Olympics are nearly finished in Rio de Janeiro, Brazil, after uniting phenomenal athletes in one city for the competition of their lives. While the athletes have been vying for the spotlight, teams of people were working behind the scenes to run the event. They registered athletes, staff, and volunteers, recorded and reported scores, and live-streamed and provided on-demand coverage online. How did they do it? With cloud services.
NBC had exclusive rights to cover the Rio games, and they relied on Microsoft Azure to power their streaming service for over 4,500 hours of content. In addition to streaming, Atos IT Systems utilized cloud infrastructure to support the games. They reduced their physical servers from 1,000 in the 2012 London games to a mere 250 in Rio, with 60% of operations moved to the cloud. And ComputerWeekly reported that by 2018, all systems underpinning the Olympics will be cloud-based.
Securing cloud environments for the Olympic games poses unique challenges.
First, any cloud security solution must be able to scale up quickly and for a short period of time, as millions of people from around the world tune in to view the competition. The underlying cloud environments are scaling up to handle the surge in traffic, and security measures must also scale to keep up with multiple users and devices connecting to the cloud.
Second, cloud security must be able to handle all users and devices. Atos and NBC can’t enforce traditional security controls through proxies or VPN, which would slow performance to a crawl. Who wants to wait for a video to buffer while a gymnast is in mid-air or a swimmer mid-stroke? The entire world is expecting fast access to content and will not tolerate slow load times due to outdated security measures.
A Cloud Access Security Broker (CASB) can help solve some of these challenges through visibility, data security, compliance, and threat protection.
A CASB can monitor activities of all services, end-point devices, and users accessing the cloud environments that support back-end operations, as well as live-stream viewing. In addition, there are many configurations across each cloud environment, and visibility into configuration drift is required to maintain security.
Due to increased visibility into who is accessing content, a CASB can help NBC control viewing rights to its content. Security can also include transport rules between cloud environments, as well as user access and location-specific guidelines.
A CASB can also assist in ensuring that transmission of intellectual property and storage of sensitive data adheres to country-specific regulatory guidelines, including PHI, PII, and EU data clauses. You must have visibility into how data moves in order to adhere to regulatory compliance.
By monitoring all behavior and configurations, a CASB can create a baseline that represents normal user behavior. By utilizing User Behavior Analytics, a CASB can detect behavior that deviates from normal behavior and send an alert to your security team about the suspicious behavior.
To meet the gold standard at the Rio Olympics, cloud service providers and cloud security vendors must step up their game and scale up to meet worldwide demand, monitor and remediate threats, and adhere to global compliance requirements.