Corporate policies on anything from safety to ethical sourcing are all about rules. Do this; don’t do that! Often created from the experience of everything that went wrong in the past, policies can soon turn into large, unwieldy documents. IT security also has its rules, some of them born of common sense, others of past problems. These rules for checking attribution of user access rights, encrypting data volumes and similar precautions, can easily mount into the hundreds. Some cloud services vendors now make rules-based management services part of their offering to customers, but with a key advantage that sets them apart from those other chunky policy documents that managers must cope with.
The saving grace for rule-based security in IT and in the cloud is automation. Cloud computing is already a big user of automation – it’s the only way cloud vendors can keep up with all the different users and their data flows and computing requirements. Amazon Web Services (AWS) for instance now offers two flavours of automated rule-based security. One is AWS Config, which allows customers to set up and apply their own rules-based procedures. Creation, modification and deletion of data volumes and computing instances can all be automatically managed and monitored, with reports sent back to users. The other is AWS Inspector, which uses AWS’s own set of rules to check customer set-ups and report back about vulnerabilities and recommendations for fixing them.
Tools like these help to enhance the security posture of customers using cloud services. They also lessen the overall security burden on customers. This makes cloud security an even more attractive feature to enterprises and organisations struggling to achieve proper levels of security in their on-premise computing. While cloud solutions cannot provide answers to every computing need, developments like the rule-based services above are yet another reason why cloud services continue to be so popular.