November 24, 2015

Beefing Up Security Services Online

By Jennifer Klostermann

Cloud Security Protection

The necessity and development of Cloud security evolves with the consistent growth of the Cloud and its many features. Just as Amazon is currently taking steps to improve their Cloud security in the hopes of attracting more customers, other shrewd Cloud organizations need to ensure they’re providing their clients not only with in-demand products but safeguarding those products against cyber threats.

Amazon Web Services: Security Upgrades

Already dominating the cloud market space, Amazon Web Services (AWS) recently announced two new products designed to encourage and assist companies in maintaining and securing their data in the AWS cloud. Amazon Inspector is a bot-type service that searches for Vulnerabilities and security threats, thereafter generating a security status report and suggesting a course of action. This service will also help companies avoid introducing problems into their apps when launching new features. The Database Migration Services announced will allow users to migrate their MySQL, SQL Server, PostgreSQL, and Oracle databases to AWS as quickly and simply as possible. The AWS Config Rules service will then enable organizations to configure a set of rules and decide how instances will be constructed.

Amazon Inspector

Cloud Security Ventures

Startup Zscaler is an IT security company valued at over $1 billion, and it’s focusing its attention on banking. Scrubbing Malware and other digital threats from over 100 global data centers, Zscaler has named a former banking exec, Andy Brown, to its board of directors, with the aim of winning customers from the financial services sector. Says Brown of discussions with Zscaler’s CEO Jay Chaudhry, “We agreed that if the future was going to be the cloud, then security and policy management would have to move to the cloud. I’ve been convinced of that since the Salesforce implementation, but there were no vendors around to make that easy.”

And WinMagic has launched their own tool for enterprise Cloud security, SecureDoc CloudSync. This security software encrypts files before synchronization to enterprise file sync and share services (EFSS) and is available across a range of platforms including Android, iOS, Mac, and Windows. Furthermore, management of encryption keys is simplified, and when sharing files within an enterprise, SecureDoc CloudSync doesn’t require additional end-user passwords. Mark Hickman, COO of WinMagic, notes, “The undeniable convenience of EFSS solutions runs head on into the desires of IT staff and compliance officers to closely control sensitive data in an auditable way, and SecureDoc CloudSync removes risks inherent to EFSS. With the solution, companies can encrypt files so that the encryption stays with the file in the cloud. By managing the keys, the IT teams are the final authority as to the security of their corporate data.

Narrow the Focus

The European Network Information Security Agency identified 35 Cloud security risk categories, and narrowed those down to the eight most relevant:

  • Loss of Governance
  • Lock-in
  • Isolation Failure
  • Compliance Risks
  • Management Interface Compromise
  • Data Protection
  • Insecure of Incomplete Data Deletion
  • Malicious Insider

Trends

David Howorth, VP EMEA at Alert Logic, discussed a recently released Cloud Security Report and pointed out three key findings:

  • Application Attack, Suspicious Activity, and Brute Force Attack, the primary cyber attack methods targeting cloud deployments, grew 45%, 35%, and 27% respectively over the last year, while increases in top attacks aimed at On-Premises deployments were insignificant. Howorth remarks, “Cyber criminals are logically attempting to break into a growing number of applications being deployed in the cloud.”
  • Cyber-attack methods used are being determined by how organizations interact with their customers, the size of their online presence, and where their IT infrastructure is housed.
  • Discerning the Cyber Kill Chain® can provide insight into where cyber criminals are likely to breach organization environments and how they can be stopped. This can help organizations create defense strategies based on the way attackers are approaching and infiltrating their businesses.

Organizations implementing or evaluating Cloud security solutions should understand top threats, as well as drill down into risks specific to their own environments and setups. While many Cloud providers are implementing necessary security features, it’s always best to analyze documentation and reports to ensure adequate protection.

By Jennifer Klostermann

Jennifer Klostermann

Jennifer Klostermann is an experienced writer with a Bachelor of Arts degree majoring in writing and performance arts. She has studied further in both the design and mechanical engineering fields, and worked in a variety of areas including market research, business and IT management, and engineering. An avid technophile, Jen is intrigued by all the latest innovations and trending advances, and is happiest immersed in technology.
Rahul Subramanyam

Episode 18: Fixing AWS: The CloudFix Story 

Fixing AWS: The CloudFix Story A conversation with Rahul Subramanyam. CEO at CloudFix, and CTO [...]
Read more
Sushil Kumar

Generative AI and Cloud Computing: The Greatest Infusion

Generative AI The fusion of cloud computing, app modernization, and artificial intelligence (AI) drives digital [...]
Read more

Exploring SaaS Directories: The Path to Optimal Software Selection

Exploring the Landscape of SaaS Directories SaaS directories are vital in today’s digital age, serving [...]
Read more
Chris Bray

Quantum Leap: How Post-Quantum Cryptography Will Dominate 2024 Boardroom

2024 Cybersecurity Predictions As we step into 2024, the technological landscape is poised for transformative [...]
Read more
Rakesh Soni

Cultivating a Culture of Cloud Innovation: Elevating Your Business Potential

Cloud computing has emerged as a game-changer, revolutionizing how organizations operate and transforming their growth [...]
Read more
Randy

2024 Cloud Security Trends: Navigating the Evolving Landscape of Protection and Backup

2024 Cloud Security Trends Cloud protection and backup trends in 2024 are evolving rapidly, influenced [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.