{"id":48794,"date":"2023-11-21T10:14:06","date_gmt":"2023-11-21T15:14:06","guid":{"rendered":"https:\/\/centricconsulting.com\/?p=48794"},"modified":"2024-04-16T16:34:25","modified_gmt":"2024-04-16T20:34:25","slug":"cybersecurity-and-the-cloud-moving-over-isnt-as-easy-as-flipping-a-switch","status":"publish","type":"post","link":"https:\/\/centricconsulting.com\/blog\/cybersecurity-and-the-cloud-moving-over-isnt-as-easy-as-flipping-a-switch\/","title":{"rendered":"Cybersecurity and the Cloud: Moving Over Isn’t as Easy as Flipping a Switch"},"content":{"rendered":"
Lift and shift. While this phrase is not new, it now regularly relates to moving infrastructure to the cloud. But what about cybersecurity and the cloud? Providers promise seamless transitions as if you were moving a server from one rack to another. While moving to the cloud can put companies in a more secure position, you must take proper care. Assuming everything is the same about cloud cybersecurity can be a costly mistake.<\/strong><\/p>\n From a physical security perspective, moving infrastructure to the cloud will almost always be more secure. Large cloud providers place infrastructure in state-of-the-art data centers with top-of-the-line physical security measures.<\/p>\n Often, organizations do not have the budget, time or expertise to build their own on-premise data centers to these specifications. We have seen the full spectrum of data centers over the years (umbrellas over server racks to protect from a leaky roof, anyone?). Even the most advanced data centers we see on-premises do not match those of the large cloud providers.<\/p>\n Requirements and basic control concepts have not changed as cloud infrastructure continues to proliferate. User access, change management<\/a>, and firewalls are all still there. Control frameworks such as COBIT, ISO 27001, NIST CSF, and the CIS controls still apply and have great value. Sarbanes-Oxley controls are still a driver of security practices for public companies.<\/p>\nCybersecurity Cloud No-Brainers<\/h2>\n
What Hasn\u2019t Changed About Cloud Cybersecurity<\/h2>\n
What Changes When Migrating to the Cloud<\/h2>\n