Gartner: Start security monitoring in the public cloud

Grazed from Network World. Author: Ellen Messmer.

Security monitoring — the type involving traditional security information and event management (SIEM) — can be done in some public cloud environments, according to Gartner. And if you’re using public cloud services, it’s time to think about doing it.

Security monitoring of assets that the enterprise has placed in cloud is still not a common practice, but it really should be, said Gartner analyst Anton Chuvakin during his presentation this week at the Gartner Security and Risk Management Summit. There is always a “loss of control” when turning corporate data assets over to the cloud, Chuvakin says, but “you can compensate by increasing the visibility that comes with collection of logs and network traffic.”…

Gartner reveals Top ten security Myths

Most security monitoring today is done on-premises within the enterprise network using SIEM, intrusion-prevention systems (IPS) and data-loss prevention tools. In Amazon Web Services, he said, it’s possible to collect logs and copy them back to the on-premises SIEM. The benefits are that familiar tools are in use and you can obtain a unified view of both the cloud and the traditional environment, he said. On the other hand, there might be bandwidth restraints that make this hard or that the SIEM tools present “conflicts and incompatibilities” in the cloud environment. Chuvakin said enterprise security managers have to ask the question whether their SIEM tool is “cloud-ready” to collect data, which may be presented in unfamiliar form as instances and dynamic provisioning…

Read more from the source @ http://www.networkworld.com/news/2013/061213-gartner-public-cloud-270773.html?hpg1=bn