Beefing Up Security Services Online

Cloud Security Protection

The necessity and development of Cloud security evolves with the consistent growth of the Cloud and its many features. Just as Amazon is currently taking steps to improve their Cloud security in the hopes of attracting more customers, other shrewd Cloud organizations need to ensure they’re providing their clients not only with in-demand products but safeguarding those products against cyber threats.

Amazon Web Services: Security Upgrades

Already dominating the cloud market space, Amazon Web Services (AWS) recently announced two new products designed to encourage and assist companies in maintaining and securing their data in the AWS cloud. Amazon Inspector is a bot-type service that searches for vulnerabilities and security threats, thereafter generating a security status report and suggesting a course of action. This service will also help companies avoid introducing problems into their apps when launching new features. The Database Migration Services announced will allow users to migrate their MySQL, SQL Server, PostgreSQL, and Oracle databases to AWS as quickly and simply as possible. The AWS Config Rules service will then enable organizations to configure a set of rules and decide how instances will be constructed.

Amazon Inspector

Cloud Security Ventures

Startup Zscaler is an IT security company valued at over $1 billion, and it’s focusing its attention on banking. Scrubbing malware and other digital threats from over 100 global data centers, Zscaler has named a former banking exec, Andy Brown, to its board of directors, with the aim of winning customers from the financial services sector. Says Brown of discussions with Zscaler’s CEO Jay Chaudhry, “We agreed that if the future was going to be the cloud, then security and policy management would have to move to the cloud. I’ve been convinced of that since the Salesforce implementation, but there were no vendors around to make that easy.”

And WinMagic has launched their own tool for enterprise Cloud security, SecureDoc CloudSync. This security software encrypts files before synchronization to enterprise file sync and share services (EFSS) and is available across a range of platforms including Android, iOS, Mac, and Windows. Furthermore, management of encryption keys is simplified, and when sharing files within an enterprise, SecureDoc CloudSync doesn’t require additional end-user passwords. Mark Hickman, COO of WinMagic, notes, “The undeniable convenience of EFSS solutions runs head on into the desires of IT staff and compliance officers to closely control sensitive data in an auditable way, and SecureDoc CloudSync removes risks inherent to EFSS. With the solution, companies can encrypt files so that the encryption stays with the file in the cloud. By managing the keys, the IT teams are the final authority as to the security of their corporate data.

Narrow the Focus

The European Network Information Security Agency identified 35 Cloud security risk categories, and narrowed those down to the eight most relevant:

  • Loss of Governance
  • Lock-in
  • Isolation Failure
  • Compliance Risks
  • Management Interface Compromise
  • Data Protection
  • Insecure of Incomplete Data Deletion
  • Malicious Insider

Trends

David Howorth, VP EMEA at Alert Logic, discussed a recently released Cloud Security Report and pointed out three key findings:

  • Application Attack, Suspicious Activity, and Brute Force Attack, the primary cyber attack methods targeting cloud deployments, grew 45%, 35%, and 27% respectively over the last year, while increases in top attacks aimed at on-premises deployments were insignificant. Howorth remarks, “Cyber criminals are logically attempting to break into a growing number of applications being deployed in the cloud.”
  • Cyber-attack methods used are being determined by how organizations interact with their customers, the size of their online presence, and where their IT infrastructure is housed.
  • Discerning the Cyber Kill Chain® can provide insight into where cyber criminals are likely to breach organization environments and how they can be stopped. This can help organizations create defense strategies based on the way attackers are approaching and infiltrating their businesses.

Organizations implementing or evaluating Cloud security solutions should understand top threats, as well as drill down into risks specific to their own environments and setups. While many Cloud providers are implementing necessary security features, it’s always best to analyze documentation and reports to ensure adequate protection.

By Jennifer Klostermann

Kip Compton

What’s Ahead for Cloud in 2019

The Cloud In 2019 2018 was an incredible time for cloud. Its impact on customer experiences, business processes and models, and workforce innovations was undeniable ...
Dean Wiech

Identity and Access Management: Passwords and Governance

Identity and Access Management The identity and access management market continues to grow in a wide variety of industries of all sizes. As has been ...
Jeremy Daniel

Find Competitive Advantage through AWS by Partnering With The Experts

Setting up your cloud configuration is too important to not involve the experts MediaTemple & CloudTweaks Thought Leadership Brand Series So many great business ideas ...
Louis Columbus

What’s New In Gartner’s Hype Cycle For CRM, 2019

Gartner’s Hype Cycle For CRM, 2019 Worldwide enterprise application software revenue totaled more than $193.6B in 2018, a 12.5% increase from 2017. CRM made up ...
Mor Cohen Tal1

The Top 2 Challenges of Next-Gen Applications

Challenges of Next-Gen Applications When you think of why customers move to the cloud, there are a few key things that they're trying to achieve ...