Cloud Security (AWS vs AZURE vs GCP vs IBM Cloud)

Cloud Security involves protecting cloud based infrastructure, applications, data from cyber threats and attacks. Enterprises consider security as one of the crucial impediments to moving on premise applications and data to Cloud. Need a refresher on Cloud Computing, try Cloud Computing Primer

Cloud security is particularly challenging due to the applicability of shared responsibility model. Cloud providers are responsible for infrastructure, storage and network security while enterprises are responsible for their application and data security.

In this article we will compare Cloud Security offerings from hyper scale Cloud providers with respect to organic and inorganic investments made towards securing the cloud.

Offering Perspective:

All Providers have organically built capabilities in key areas to address the gamut of security concerns. The table below depicts the offering comparison in key security areas.

AWS offers better default security configuration. Provides account to account and service to service isolation and auto defaults to no access. Collecting security data across region is complex but possible.

Azure by default is less secure IMO(open ports and protocols noticed upon creation of VM). Strong point is Azure Directory service which provides centralized security. Subscriptions are less isolated and protected from each other. Activity logs can be collected across region. Another strong point is the AI enabled Defender which enables detection of cloud configuration errors in hybrid environments.

GCP maintains centralized security access while isolating projects and defaulting to more secure configurations. Does not have breadth of capabilities like AWS, Azure yet.

IBM Cloud offers strong confidential computing capabilities due to hyper protect crypto services from Z legacy. Lacks breadth of security capabilities on IBM Public Cloud but offers robust security capabilities as independent SaaS offerings.

Investment Lens :

Hyperscale Cloud providers have been strengthening their Cloud Security portfolio inorganically through acquisitions and integrating the same into their security portfolio. Below are the security related acquisitions made by them in the last decade.

Collated from publicly available information

There are many innovative security solutions in the market - XDR, Zero Trust, Micro segmentation, AI based threat detection etc. Cloud providers are partnering with security vendors to provide more options and innovations to their customers. Below indicates current view of the partnerships.

AWS has beefed up its security portfolio organically and has forged hundred odd partnerships. It integrates well with partners to close key gaps. Security hub provides single pane of glass visibility to incidents across AWS services and partners.

Google Cloud is now elevating the game with 2 key acquisitions in 2022 and is also accentuating partnerships.

Microsoft (9) has made key acquisitions in security space in the last decade and boosts comprehensive set of security offerings. Microsoft also has the largest number of partnerships overall.

IBM (12) has made significant investment in security portfolio. However not all of these are available on IBM Public Cloud but mostly as standalone SaaS offerings. Integration with IBM Public Cloud apps could be complex.