Intelligent Tech Channels Issue 23 | Page 16

EDITOR’S COMMENT L ike most companies, channel partners work closely with other organisations and need to share often sensitive data with their partners. Trust between channel partners, the vendors they work for and the end customers is essential. Of course, this trust extends to security and as more information moves off premises, the security of data stored on multi-cloud environments is paramount. In the current rapidly changing digitised environment, the CISOs, CIOs or whoever happens to be overseeing security within the channel partnership need to plan for a broad security strategy. Depending on the projects that channel partners are working on, sensitive data may reside in a variety of places including mobile devices, private cloud, SAAS, or public cloud environments. In each of these locations and everywhere in between, the data must be secure. When storing your data with another entity, such as cloud service providers (CSPs), the key pillars are really trust, control and visibility. In order to maintain those pillars, CISOs must take a zero trust approach that incorporates the cloud. What does this 16 Pa sh a HAIDER PASHA, PALO ALTO NETWORKS EXPERT ENSURING SECURITY , P a lo Alto Netwo rks expert mean on the ground? It means ensuring they can limit access by micro-segmenting users’ access, applying least-privilege access and inspecting all the relevant traffic to ensure continuous compliance. Certainly, it is vital for the CSO and the channel partner to have an in-depth understanding of the ‘shared responsibility model’. This is essentially the main differentiator when compared to legacy on premises environments. Once this model is understood and clearly documented and agreed to in an organisational RACI, we recommend customers conduct a risk assessment informed by a thorough understanding of security in the cloud. This means that CISOs at channel partner companies should be able to develop an access and management platform that provides complete end-to-end cloud security. To achieve this, CISOs must focus on all inline traffic capabilities that can protect and segment cloud workloads. In addition, they would also need to protect the hosts in the cloud with technologies that can secure the OS and applications within those workloads. Moreover, to ensure compliance and security are maintained at all times, they should focus on working with an open API-based solution that can integrate new cloud solutions with the same level of speed and agility that the cloud offers. There are a variety of tools such as CASB, VFWs, Identity, Cloud DLP/Compliance, Host-based protection and automated Security Orchestration/Response (SOAR) available. All should be utilised and integrated into their cloud security fabric. CISOs at channel partners can deploy each of these capabilities as they achieve cloud maturity, from maintaining hybrid to multi- cloud and SAAS solutions.