How would you say the advancement of cloud computing is affecting the skills that enterprise network security engineers will need going forward? Specifically, will network integration and networking hardening (both inside and outside the traditional perimeter) become more important?
Ask the Expert!
Have questions about network security? Send them via email today! (All questions are anonymous.)
Cloud computing is creating a demand for network security engineers and other IT professionals who blend traditional IT skills with expertise in cloud-based service delivery. As you suggest in your question, integration is one of those critical skills. Network security engineers will need to be confident in their ability to use VPNs and other technologies to provide secure connections to cloud platforms, especially when the transmission of sensitive data takes place over those connections.
In addition, network security experts will now need to contend with the enterprise's use of computing resources that they do not fully control. This requires a shift in mindset from the bottom-up design of a control environment to the fine-tuning and configuration of an environment that may be at times opaque. For example, a security professional working to secure an Infrastructure as a Service (IaaS) environment will need to rely upon their ability to implement controls within virtual machines, rather than configuring the virtualization environment itself. After all, they don't even have direct access to the virtualization platform!
Finally, many security experts will find themselves more engaged in assessing the security controls that service providers implement. This will include discussing controls with the cloud service providers' security teams, reviewing independent assessment results and possibly conducting site visits to perform specialized risk assessments. Network security professionals preparing for the shift to the cloud may want to develop a standardized checklist of the components they wish to cover in their cloud security reviews. These may include review of network encryption controls, verification of firewall configurations and settings, and an assessment of network intrusion prevention capabilities, among other items.
Network security engineers seeking to keep their skills relevant in the changing world of IT should absolutely consider the impact that cloud computing will have on their organizations. Those who make changes now to position themselves as experts in securing connections to the cloud, configuring security within a cloud environment and assessing the controls of cloud providers will find themselves in an excellent position to serve potential employers in the future.
Editor's note: SearchSecurity.com expert Mike Chapple contributed to this article.
This was first published in May 2013