The cybersecurity infrastructure for each of the major public clouds is a work in progress. But for all of them, it has become obvious that identity and data access are effectively the new perimeter. By examining what is the same and what is different about each public cloud’s identity and access management mechanisms, Dan Woods, Principal Analyst at Early Adopter Research, and Sandy Bird, CTO of Sonrai Security, explain how the shift to the public cloud is changing the rules for security. We identify the different principles each public cloud vendor is using as well as the different approaches to account organization and how resources are protected.

Questions:

• Why are identity and data access the new perimeter?
• Why has zero-trust become the default organizing principle for cloud security?
• What are the crucial requirements for cloud data security?
• How are these requirements implemented in each cloud?
• What are the differences in security practices between AWS, Azure, and Google Cloud?
• What burdens does the new cloud model put upon cloud users?
• What goes wrong when these burdens are not properly managed?