Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News
      How the Post Office plans to rise from the dead - Fathima Gany

      How the Post Office plans to rise from the dead

      17 July 2026
      iOCO snaps up ERP firm as acquisition machine cranks up - Rhys Summerton

      iOCO snaps up ERP firm as acquisition machine cranks up

      17 July 2026
      Meta AI will now tell parents if their teen is in crisis

      Meta AI will now tell parents if their teen is in crisis

      17 July 2026
      Tap to pay is finally coming to the Post Office

      Tap to pay is finally coming to the Post Office

      17 July 2026
      Xi pitches China as the world's AI liberator - Chinese President Xi Jinping waves as he arrives at the opening ceremony of the World AI Conference in Shanghai. Ng Han Guan/Reuters

      Xi pitches China as the world’s AI liberator

      17 July 2026
    • World
      Swingeing jobs cuts at Microsoft's Xbox unit

      Swingeing jobs cuts at Microsoft’s Xbox unit

      6 July 2026

      SK Hynix ends Samsung’s 26-year reign at the top

      22 June 2026
      Google on the hook for what its AI tells users, court rules

      Google on the hook for what its AI tells users, court rules

      15 June 2026
      How Russians juggle VPNs to outwit the Kremlin

      How Russians juggle VPNs to outwit the Kremlin

      15 June 2026
      Amazon CEO flagged Anthropic AI risks to Washington - Andy Jassy

      Amazon CEO flagged Anthropic AI risks to Washington

      14 June 2026
    • In-depth
      AI boom sparks rally, frenzy and fear

      AI boom sparks rally, frenzy and fear

      11 June 2026
      Every plug-in hybrid on sale in South Africa, ranked by price - Lamborghini Temerario

      Every plug-in hybrid on sale in South Africa, ranked by price

      7 June 2026
      What Wi-Fi 8 will mean for wireless networks

      What Wi-Fi 8 will mean for wireless networks

      1 June 2026
      Alfa's electric rebel - Alfa Romeo Junior Elettrica Veloce

      Alfa’s electric rebel

      29 April 2026
      Africa switches on as Europe dims the lights

      Africa switches on as Europe dims the lights

      9 April 2026
    • TCS
      Watts & Wheels S1E7: 'Ferrari's EV breaks the internet'

      Watts & Wheels S1E7: ‘Ferrari’s EV breaks the internet’

      8 July 2026
      TCS+ | How Tracker is turning vehicle data into business strategy - Silvia Schollenberger

      TCS+ | How Tracker is turning vehicle data into business strategy

      1 July 2026
      TCS+ | IBM Bob: an AI-powered 'development partner' for the enterprise - David Spurway

      TCS+ | IBM Bob: an AI-powered development partner for the enterprise

      30 June 2026
      Watts & Wheels S1E6: 'A flawless Alfa and a bakkie that divides'

      Watts & Wheels S1E6: ‘A flawless Alfa and a bakkie that divides’

      17 June 2026
      Watts & Wheels S1E6: 'A flawless Alfa and a bakkie that divides'

      Watts & Wheels S1E5: ‘A Bentley of the bush and a car that swims’

      8 June 2026
    • Opinion
      The author, Fanie van Rooyen

      South Africa can still catch the AI wave – here’s how

      7 July 2026
      The author, Fanie van Rooyen

      The AI utopia South Africa can’t afford

      1 July 2026
      Selling vapour is corporate suicide in slow motion - Jannie van Zyl

      South Africa’s broadband future is being decided in orbit, not in Pretoria

      30 June 2026
      The author, Pambos Soteriades

      The pivot South Africa’s MVNOs cannot afford to miss

      23 June 2026
      Brazil's online gambling crackdown is a lesson for South Africa

      Brazil’s online gambling crackdown is a lesson for South Africa

      22 June 2026
    • Company Hubs
      • 1Stream
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • Ascent Technology
      • AvertITD
      • BBD
      • Braintree
      • CallMiner
      • CambriLearn
      • CM Telecom
      • Contactable
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • HOSTAFRICA
      • Incredible Business
      • iONLINE
      • IQbusiness
      • Iris Network Systems
      • Kaspersky
      • LSD Open
      • Mitel
      • NEC XON
      • Netstar
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Telviva
      • Tenable
      • Vertiv
      • Videri Digital
      • Vodacom Business
      • Wipro
      • Workday
      • XLink
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Financial services
      • HealthTech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Policy and regulation
      • Public sector
      • Retail and e-commerce
      • Satellite communications
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
      • Watts & Wheels
    • Events
    • Advertise
    TechCentralTechCentral
    Home » Sections » Cloud services » Automation is key to data protection in cloud environments

    Automation is key to data protection in cloud environments

    Promoted | One of the core challenges of cloud computing is its complex security needs, says Tenable.
    By Tenable17 September 2024
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    Automation is key to data protection in cloud environments - TenableOne of the core challenges of cloud computing is its complex security needs. As organisations traverse the digital landscape, the convergence of systems, applications and users blurs traditional boundaries, requiring a reinterpretation of traditional data and identity silos.

    Under the shared responsibility model for the public cloud, protecting identities and data is always the responsibility of the enterprise rather than the cloud service provider. Even in software as a service (SaaS), customers are still required to protect their own data, identities and application configurations.

    Identity and access management (IAM) systems usually serve as the core method for defining access rights and permissions, enabling organisations to centrally manage authentication, single sign-on (SSO) and authorisation across multiple systems and applications. Yet legacy IAM systems struggle to adapt to the dynamic nature of cloud environments, where access requirements change frequently.

    Protecting identities and data is always the responsibility of the enterprise rather than the cloud service provider

    To address these challenges, the security industry has responded with innovative solutions designed to operate at cloud scale, such as cloud extensions to identity governance and administration (IGA) offerings and the adoption of attribute-based or policy-based access control (ABAC or PBAC).

    The IAM landscape is further complicated by introducing new entities such as containers, serverless architectures and internet-of-things devices. These entities present unique access challenges, necessitating innovative approaches to identity management. By leveraging data awareness and automation, organisations can streamline their IAM processes and mitigate security risks in cloud environments.

    Data protection solutions have evolved on a similar path to IAM systems. Data loss prevention (DLP) solutions have allowed organisations to discover, classify and monitor the movement of sensitive data within their networks, and apply adequate policies. As in the case of IAM, new data-centric solutions were introduced to tackle the challenge of protecting data in the cloud. Cloud access security broker (CASB) systems, for example, can be used to identify unsanctioned cloud applications, monitor and control data, and encrypt traffic to the cloud through a centralised platform.

    Cloud security

    However, the effectiveness of DLP solutions hinges on constant data classification and policy refinement, which can be challenging in dynamic cloud environments. While CASBs can be used to restrict user access to an application, they don’t address visibility and management of identities and permissions in the cloud at the user, application and resource level. Fortunately, cloud security posture management (CSPM) systems can help partially fill this gap, allowing organisations to continuously monitor cloud platforms and alert on misconfigurations and potential compliance issues. For example, CSPMs can detect misconfigured Amazon Simple Storage Service (Amazon S3) buckets that may expose organisations to the leaking or loss of sensitive data.

    Much like identity-centric security lacks an awareness of the data side, neither DLP nor CASB and CSPM, nor a combination of these products can provide integrated insight into identities. Similarly, making decisions based solely on the sensitivity of data with no insight into user behaviour and contextual understanding of their actions may result in misidentification of major risks, multiple false positives and disruption to business.

    As organisations are required to constantly adapt their policies and controls, IT and human resources (and consequently, budgets) are pushed to their limits. Many of these organisations are approaching a tipping point where the scale and flexibility of cloud environments may be too much to deal with, resulting in increased exposure to risk. The key to addressing the challenge of managing identities and permissions in the cloud at the user, application and resource level is to introduce automation, thereby reducing the level of required human resources.

    Automation is key to data protection in cloud environments - TenableBringing down identity and data silos is essential for achieving this goal. By effectively leveraging data awareness, we can establish a decision-making framework that distinguishes between legitimate and excessive permissions based on contextual understanding of the risk they pose to critical data or resources – and enforce least privilege policies accordingly.

    The disconnect between identity-centric and user-centric security is deeply rooted in existing cybersecurity paradigms. To create the necessary paradigm shift, a new security model should introduce capabilities based on several key principles.

    • Firstly, policies should ensure that users, applications, machines and services can access only the data and resources that are necessary for their legitimate purposes, per their current needs and status. The incorporation of data awareness into an access management framework could significantly improve its least privilege posture through a more accurate, ongoing assessment of risk.
    • Next – as said before – automation is the ultimate prescription for scale issues. The process of creating and enforcing least privilege policies (at least, in the most common cases) should be done rapidly, at scale and with minimal involvement of dev or ops teams. This way, organisations can gradually achieve least privilege while allocating other resources to identify and resolve complicated permissions and investigate unknown access events. It is also important to remember that not all access permissions are equal. Given the number of access policies in modern cloud environments, you must be able to differentiate between how you handle each of them. The level of risk can be attributed to the sensitivity of the data where it resides, the entity that holds the permissions, and so forth.
    • It is also crucial to identify the myriad entity types that are accessing cloud resources. From human users to applications and bots, similar principles and logic should be applied to all entity types to ensure comprehensive security across any cloud environment, without impacting application continuity or speed to market. Most importantly, security systems should be able to identify and mitigate access-related risks with minimum disruption to normal business operations.

    While there will continue to be evolving security challenges in cloud environments, there are a growing number of tools and measures that can be implemented to mitigate risks and ensure that a robust security framework is in place at all times. By leaning into automation to ease the burden of managing data policies, organisations will face less issues with scaling their cloud environments and be able to free up critical business resources.

    • Read more articles by Tenable on TechCentral
    • This promoted content was paid for by the party concerned

    Don’t miss:

    Harness the power of cloud securely with Tenable

    Follow TechCentral on Google News Add TechCentral as your preferred source on Google


    data protection in cloud Tenable
    WhatsApp YouTube
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleAltron Arrow launches Inventory Management as a Service
    Next Article Building tomorrow’s cities today with AfriGIS

    Related Posts

    The 'toxic cloud trilogy' is a key trend for 2025

    The ‘toxic cloud trilogy’ is a key trend for 2025 – Tenable

    13 January 2025
    How to harness the power of the cloud, securely - Tenable

    How to harness the power of the cloud, securely

    17 December 2024
    TCS+ | Beware the Toxic Cloud Trilogy - a discussion with Tenable - Bernard Montel

    TCS+ | Beware the Toxic Cloud Trilogy – a discussion with Tenable

    6 December 2024
    Add A Comment

    Comments are closed.

    Company News
    Paratus again voted Namibia's most reliable internet provider

    Paratus again voted Namibia’s most reliable internet provider

    17 July 2026
    Core opens Microsoft Surface reseller programme to South African SMEs - John Press

    Core opens Microsoft Surface reseller programme to South African SMEs

    17 July 2026
    The economy the statistics miss is thriving on Spondo Street - Lesaka Technologies Lincoln Mali

    The economy the statistics miss is thriving on Spondo Street

    16 July 2026
    Opinion
    The author, Fanie van Rooyen

    South Africa can still catch the AI wave – here’s how

    7 July 2026
    The author, Fanie van Rooyen

    The AI utopia South Africa can’t afford

    1 July 2026
    Selling vapour is corporate suicide in slow motion - Jannie van Zyl

    South Africa’s broadband future is being decided in orbit, not in Pretoria

    30 June 2026

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Latest Posts
    How the Post Office plans to rise from the dead - Fathima Gany

    How the Post Office plans to rise from the dead

    17 July 2026
    iOCO snaps up ERP firm as acquisition machine cranks up - Rhys Summerton

    iOCO snaps up ERP firm as acquisition machine cranks up

    17 July 2026
    Meta AI will now tell parents if their teen is in crisis

    Meta AI will now tell parents if their teen is in crisis

    17 July 2026
    Tap to pay is finally coming to the Post Office

    Tap to pay is finally coming to the Post Office

    17 July 2026
    © 2009 - 2026 NewsCentral Media
    Built and maintained by Chronon
    • Cookie policy (ZA)
    • TechCentral – privacy and Popia

    Type above and press Enter to search. Press Esc to cancel.

    Manage consent

    TechCentral uses cookies to enhance its offerings. Consenting to these technologies allows us to serve you better. Not consenting or withdrawing consent may adversely affect certain features and functions of the website.

    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    • Manage options
    • Manage services
    • Manage {vendor_count} vendors
    • Read more about these purposes
    View preferences
    • {title}
    • {title}
    • {title}