Defend Your Data: Why Cloud Workload Protection Should be Your Top Priority

What is a cloud workload?

Underneath the overall umbrella term of “cloud management”, there’s a range of tools that deliver visibility and security, including:

• Cloud provisioning and orchestration
• Security and compliance
• Inventory and classification
• Cost management and optimization
• Migration, backup, and disaster recovery

They exist to support business use of cloud workloads across public and private clouds. Any firm’s cloud workload will be distinct and unique, but the term broadly refers to the amount of work running on a cloud instance at any time. Most companies measure their cloud workload at peak periods to judge the need for expansion and strategic planning.

That can be thousands of users operating in Google Docs or Microsoft Office 365, or different teams working in Slack, Azure or AWS development services. The workload is the total of data processing, transfer and messaging traveling across a company’s cloud footprint.

Most cloud service providers offer 99.9% uptime, but during that 0.1% many companies find themselves struggling with downtime (which equates to 8.76 hours per year), data loss or the specter of cloud data breaches.

The vital need for cloud workload protection

Protecting business cloud applications and data sources is just as important as firewalls and malware checkers on internal networks and devices. With cloud services straightforward to set up, it’s easy to overlook key settings that enable or correctly configure various security settings.

There are a growing range of key cloud workload security threats facing all users and firms, including denial of service attacks, data breaches, and phishing attacks that steal access credentials. Other internal threats can include misconfiguration of cloud services, which increases the risks of a breach. According to DivvyCloud, 196 data breaches were recorded between 2018 and 2019, costing companies approximately $5 trillion.

With those high on the agenda of all business leaders, including CIOs, CISOs and IT security teams, the benefits of investing in a cloud workload protection platform (CWPPs) to mitigate these risks become clearer. Our research found that just over three-quarters (78.5%) of businesses utilize cloud workload protection platforms.

Gartner defines a cloud workload protection platform (CWPP) as a “workload-centric security solution that targets the unique protection requirements of workloads in modern enterprise environments.”

As hackers, unhappy workers, and other threat actors increase the risk, and the number of attacks continues to rise, all enterprises are targets. And those with weak defenses will quickly be identified by endless automated attacks.

IT leaders need to ensure that they protect their workforce from harm at the workload level, not just at the endpoint, as the risk of cloud data breaches across public and private clouds grows. For example, recent data from Oracle highlights that 59% of cybersecurity and IT professionals reported having privileged cloud credentials compromised during a phishing attack.

Cloud workload protection in action

Whatever the service or application, on cloud, container or virtual machine, cloud workload protection platforms operate in two ways.

Micro-segmentation

The first uses micro-segmentation to break down data centers into discrete segments with their own security controls. Micro-segmentation prevents malware from migrating between workloads and servers within the cloud environment.

Bare-metal hypervisor

An alternative approach is a bare-metal hypervisor that offers extra workload protection by virtualizing the cloud software from any hardware elements. If one of the virtual machines has a configuration issue or is attacked, the issue is isolated, allowing others to continue work.

The benefits of CWPP

Once a CWPP solution has been selected and installed, they provide a range of key benefits to the business, enabling monitoring of workload behavior, detecting and responding to any misconfiguration issues or intrusions.

They provide high-level visibility into the workloads, enabling vulnerabilities to be identified and configurations changed to protect the business, with consolidated log management and monitoring to provide strategic data. Much of this information is presented via the dashboard to reduce complexity and aid response times.

Additional benefits of CWPP deployments include improved hardening of systems and vulnerability management. The CWPP can reduce or eliminate attack vectors by finding old or weak business applications, user settings for permissions, while some enterprise examples also provide memory protection and intelligence sharing to help better protect a business.

Security tools used in concert including CWPP, cloud access security broker (CASB) alongside next-generation firewalls and endpoint protection all help to secure the cloud footprint of growing businesses and reduce the chance of an expensive breach or leak. Some cloud security tools are available as suites or bundles, or as part of wider cloud packages, but every business needs to ensure that it’s using every tool available to defend data and cloud services from attack, either due to misconfiguration on their side or from external actors looking for digital weaknesses.

Further reading:

• A Proven Approach to Cloud Workload Security
• 5 Things CISOs Need to Consider Before Buying a CASB
• 3 Cloud Data Compliance Problems You Didn't Know You Had
• 12 Best Practices to Maintain Cloud Security