Beefing Up Security Services Online

Cloud Security Protection

The necessity and development of Cloud security evolves with the consistent growth of the Cloud and its many features. Just as Amazon is currently taking steps to improve their Cloud security in the hopes of attracting more customers, other shrewd Cloud organizations need to ensure they’re providing their clients not only with in-demand products but safeguarding those products against cyber threats.

Amazon Web Services: Security Upgrades

Already dominating the cloud market space, Amazon Web Services (AWS) recently announced two new products designed to encourage and assist companies in maintaining and securing their data in the AWS cloud. Amazon Inspector is a bot-type service that searches for Vulnerabilities and security threats, thereafter generating a security status report and suggesting a course of action. This service will also help companies avoid introducing problems into their apps when launching new features. The Database Migration Services announced will allow users to migrate their MySQL, SQL Server, PostgreSQL, and Oracle databases to AWS as quickly and simply as possible. The AWS Config Rules service will then enable organizations to configure a set of rules and decide how instances will be constructed.

Amazon Inspector

Cloud Security Ventures

Startup Zscaler is an IT security company valued at over $1 billion, and it’s focusing its attention on banking. Scrubbing Malware and other digital threats from over 100 global data centers, Zscaler has named a former banking exec, Andy Brown, to its board of directors, with the aim of winning customers from the financial services sector. Says Brown of discussions with Zscaler’s CEO Jay Chaudhry, “We agreed that if the future was going to be the cloud, then security and policy management would have to move to the cloud. I’ve been convinced of that since the Salesforce implementation, but there were no vendors around to make that easy.”

And WinMagic has launched their own tool for enterprise Cloud security, SecureDoc CloudSync. This security software encrypts files before synchronization to enterprise file sync and share services (EFSS) and is available across a range of platforms including Android, iOS, Mac, and Windows. Furthermore, management of encryption keys is simplified, and when sharing files within an enterprise, SecureDoc CloudSync doesn’t require additional end-user passwords. Mark Hickman, COO of WinMagic, notes, “The undeniable convenience of EFSS solutions runs head on into the desires of IT staff and compliance officers to closely control sensitive data in an auditable way, and SecureDoc CloudSync removes risks inherent to EFSS. With the solution, companies can encrypt files so that the encryption stays with the file in the cloud. By managing the keys, the IT teams are the final authority as to the security of their corporate data.

Narrow the Focus

The European Network Information Security Agency identified 35 Cloud security risk categories, and narrowed those down to the eight most relevant:

  • Loss of Governance
  • Lock-in
  • Isolation Failure
  • Compliance Risks
  • Management Interface Compromise
  • Data Protection
  • Insecure of Incomplete Data Deletion
  • Malicious Insider

Trends

David Howorth, VP EMEA at Alert Logic, discussed a recently released Cloud Security Report and pointed out three key findings:

  • Application Attack, Suspicious Activity, and Brute Force Attack, the primary cyber attack methods targeting cloud deployments, grew 45%, 35%, and 27% respectively over the last year, while increases in top attacks aimed at On-Premises deployments were insignificant. Howorth remarks, “Cyber criminals are logically attempting to break into a growing number of applications being deployed in the cloud.”
  • Cyber-attack methods used are being determined by how organizations interact with their customers, the size of their online presence, and where their IT infrastructure is housed.
  • Discerning the Cyber Kill Chain® can provide insight into where cyber criminals are likely to breach organization environments and how they can be stopped. This can help organizations create defense strategies based on the way attackers are approaching and infiltrating their businesses.

Organizations implementing or evaluating Cloud security solutions should understand top threats, as well as drill down into risks specific to their own environments and setups. While many Cloud providers are implementing necessary security features, it’s always best to analyze documentation and reports to ensure adequate protection.

By Jennifer Klostermann

Jen Klostermann

Enterprises Starting To Embrace Blockchain-as-a-Service (BaaS)

Blockchain as a Service (BaaS) Many global companies have already implemented Blockchain-as-a-Service (BaaS) into their cloud offerings. There isn't any question that offering BaaS can serve as a differentiator for many companies. Not to mention, ...
Juan Pablo Perez Etchegoyen

The S/4 HANA Decade is Here: Three Tips for a Successful Migration

Three Migration Tips For organizations using SAP, migrating to S/4 HANA is a project that’s either in the works or on the horizon as the 2027 deadline for completion looms. The new generation of SAP ...
Big Data Explosion

Developing Machine Learning-based Approach for Optimizing Virtual Agent (VA) Training

Optimizing Virtual Agent (VA) Training Achieve NLU model’s precision, recall & accuracy up to 78% The success of any Virtual Agent (VA) depends on the training of its Natural Language Understanding (NLU) model prior to ...
Anita Raj

The Criticality of Data Governance in a Multi-cloud Environment

The Criticality of Data Governance Multi-cloud has emerged as an enterprise favorite in almost no time.  In fact, Security Boulevard  makes a reference to a Forrester Research Report which confirms that almost 86 percent of ...
François Amigorena

SMB’s perceptions of Cloud Storage Security

Data Storage Security The use of cloud storage is on the increase. However, SMBs are still suspicious about it. Actually, 61% of SMBs believe their data in unsafe in the cloud. Why are those perceptions ...
David Friend

Tech Evolution – Why Multi-Cloud Will Win

Why Multi-Cloud Will Win When I was growing up in the 1970’s, IBM ruled the roost in corporate data centers. If you walked into a typical data center, nearly every piece of gear had an ...