How to Develop a Comprehensive Cloud Security StrategyCloudPassage's Carson Sweet on Merits of the New Model
Infrastructure security used to be more manageable. But it's far more complex in today's cloud environment. Carson Sweet of CloudPassage shares insight and strategies to improve cloud infrastructure security.
Several key factors influence the complexity of infrastructure security, and the first is the virtualization itself, says Sweet, CEO and co-founder of CloudPassage.
"As we see more infrastructure moving from a traditional hardware deployment model to virtualized servers, virtualized networks, software-defined networks, etc.," Sweet says, "these virtualized environments obviate the ability to control the actual physical underlying infrastructure."
And "control" is an operative word. In the old model, organizations had critical systems and servers behind their own four walls. Today, these elements are increasingly in public clouds, where security leaders have less direct control. "That's a complexity that security organizations are struggling with," Sweet says.
In an interview about cloud infrastructure security, Sweet discusses:
- Factors making infrastructure security increasingly complex;
- Why in-house solutions are so challenging;
- Lessons learned from pioneers of third-party cloud infrastructure security services.
Sweet's information security career spans nearly two decades and includes a broad range of entrepreneurial, management and hands-on technology experience.
A senior information security strategy and technology consultant, he has created groundbreaking security solutions across a range of industries and public sectors. Prior to co-founding CloudPassage Sweet served as RSA's principal solutions architect for the financial services sector, where he specifically focused on virtualization & cloud security, Internet application controls, data protection and anti-fraud.