Third-party remote hosting platforms, sometimes referred to as cloud computing platforms or simply as “the cloud,” are becoming increasingly popular for both personal and enterprise users. The cloud may host everything from documents to websites to complicated network architecture. Using cloud computing platforms may have many benefits, including flexibility, reliability, scalability, and accessibility. However, every computing platform has its challenges, and the cloud is no exception. Concerns about security, privacy, and confidentiality are an even higher priority on third-party hosting solutions like the cloud than on private networks.
Traditional systems for security on the cloud may focus mainly on securing systems and data against external attackers and may rely on techniques such as encryption. However, such systems do nothing to stop internal actors from committing security breaches, either accidentally or maliciously. Traditional systems may offer some form of network segmentation and/or segregation of duties, but may not have any means of ensuring that the network segmentation complies with existing security policies. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for enforcing secure network segmentation for sensitive workloads.