nat

Combatting Malware in the Cloud Requires a New Way of Thinking

Malware in the Cloud

It’s no secret that cloud adoption has exploded in the enterprise over last few years. However, this aggressive cloud adoption trend has also opened the floodgates for a host of new threats and elevated the risk of data being lost or stolen. Perhaps not surprisingly, malware and ransomware in the cloud – longtime challenges for endpoints – top the list of the most prominent threats facing enterprises investing in the cloud. Additionally, with increased reliance on widely used interconnected public cloud apps in the enterprise, malware and ransomware have the potential to touch – and compromise – more data than ever before.

Yet, despite new and increasing risks to data, few providers offer dedicated cloud malware protection. While some cloud apps like G Suite, Office 365, and Azure can identify common malware, such solutions are completely ineffective in combatting zero-day attacks when end-users need instant access to data in the cloud or expect an instant upload of a file.

The lack of proactive cloud malware solutions underscores an industry gap that indicates – among other things – organizations are unprepared and under-equipped to effectively address next-generation AI-based malware. The most dangerous threats aren’t known malware, but the unknown, zero-day attacks that fly under the radar of security defenses and result in weeks or months of data exfiltration – often at a major cost to the targeted organization. Once advanced malware makes its way into a cloud app, there’s little an organization can do to stop its spread. These malicious files are often downloaded to endpoints, make their way to connected apps, and are then shared across the organization.

cloud malware

Here are a few steps organizations can take to solidify malware defenses in the cloud and keep sensitive data from falling into the wrong hands.

Rethink the Security of Enterprise Apps:

G Suite and Office 365 are perhaps the most trusted of any enterprise apps. Unlike random online video content and unfamiliar internet games, enterprise apps are supposed to be functional and secure, and their files are expected to be free of malware. Consequently, most people don’t think twice about downloading corporate documents or attachments. Unfortunately for the end user, cyber criminals will happily capitalize and exploit this trust. Unbeknownst to many, enterprise apps contain the same flaws as any others, and don’t come with built-in security protections. So, there is strong likelihood that they’re hosting malware just like any other app.

Find a Trusted Third Party Endpoint Security Solution:

Major cloud providers such as Salesforce and Box all work with third-party security solutions. Because most cloud platforms don’t come equipped with advanced threat protection, third-party solutions are a must. Not all endpoint security solutions are the same, so it is recommended that you stack up endpoint protection to the best possible standards. Top solutions will catch most malware coming to endpoints, which includes both desktops and laptops. For today’s threats and IT structure, organizations will need a solution that works across applications, as opposed to a solution that only works on one or a few apps.

Stop Malware from Spreading:

One of the ways to protect data from the threat of malware is to prevent it from spreading. Advanced Threat Protection (ATP) technologies allow organizations to detect and block known and unknown malware before it hits the cloud, assess the risks of files, and stop malicious attacks in their tracks.

Implement Dedicated Mobile Device Protection for BYOD:

If you don’t see mobile protection incorporated in lists of enterprises’ endpoint features, there’s a distinct reason: it’s not their bread and butter. Endpoint security does a good job of securing infrastructure and identifying bad files, but falls short when protecting the end users or providing secure access of that file – especially as more users rely on unmanaged personal devices to conduct business functions. Organizations need mobile-specific security solutions that work seamlessly across all apps, provide a frictionless user experience, secure corporate data, and ensure regulatory compliance requirements are met.

Invest in Zero-Day Protection:

As malware becomes increasingly stealthy, sophisticated, and elusive, organizations need to get a few steps ahead of potential attacks with zero-day protection that can address both known and unknown threats. That means steering clear of solutions that protect solely with signature-based technology and block only known threats. On the other hand, next-generation tools combat advanced threats with static analysis, basing a risk decision on hundreds of characteristics associated with a file. They can then identify the threat based on its behaviors, even before it has been found in the wild.

###

By Nat Kausik, CEO, Bitglass

Nat became president and CEO of Bitglass in January 2013. Prior to Bitglass, Nat was CEO of Asterpix, Trubates, FineGround and Arcot Systems. Nat earned a B.Tech from IIT, Madras, an M.S. from Princeton University, and a Ph.D. in computer science from Cornell University.

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.

CONTRIBUTORS

4 Open Source Business Intelligence Tools For Big Data Reporting

4 Open Source Business Intelligence Tools For Big Data Reporting

Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up ...
Get Used To It – Artificial Intelligence For Real-time Gas Pricing

Get Used To It – Artificial Intelligence For Real-time Gas Pricing

Real-time Gas Pricing Get used to it – we will extract every dollar you can afford at your friendly … ...
What is shadow IT?

How to Make the Move to the Cloud Securely

Move to the Cloud Securely The 2016 Enterprise Cloud Computing Survey from IDG offers multiple interesting insights concerning the state ...
Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Private Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle ...
73% Are Using Internet Of Things Data To Improve Their Business

73% Are Using Internet Of Things Data To Improve Their Business

Internet Of Things Data According to the Cisco Visual Networking Index, M2M connections will represent 46% of connected devices by ...
Cryptocurrencies and Ransomware: How VDI Can Help Defend Against the Next Ransomware Attack

Cryptocurrencies and Ransomware: How VDI Can Help Defend Against the Next Ransomware Attack

Cryptocurrencies and Ransomware The WannaCry ransomware made headlines back in May when it crippled hospitals across the UK and put ...
Future Tech

Gartner’s Top 10 Predictions For IT In 2018 And Beyond

Gartner’s Top 10 Predictions For IT In 2018 In 2020, AI will become a positive net job motivator, creating 2.3M ...
Malware Will Cripple Cloud And IoT Infrastructure If Not Contained

Malware Will Cripple Cloud And IoT Infrastructure If Not Contained

The Malware Cloud Concern This year we’ve had two cyber attacks in which malware was used to cripple government computer ...
Making Enterprise IT Affordable for Small Businesses with the Cloud

Making Enterprise IT Affordable for Small Businesses with the Cloud

Making Enterprise IT Affordable Recent advancements in cloud technology have made enterprise IT services, like DNS management, a reality for ...
RCS In Emerging Markets Means A Step Forward For Cloud Computing

RCS In Emerging Markets Means A Step Forward For Cloud Computing

Rich Communication Services As a cloud service provider operating in emerging markets, we’re excited about the possibilities of rich communication ...

NEWS

Red Hat global survey finds field services operations bullish on emerging technologies

Red Hat global survey finds field services operations bullish on emerging technologies

Bullish Emerging Technologies For many industries, from transportation to utilities, manufacturing and more, field workers are pivotal to the success ...
DigitalOcean Announces New Compute Plans to Provide Best Price-to-Performance for Production Applications

DigitalOcean Announces New Compute Plans to Provide Best Price-to-Performance for Production Applications

Changes Position DigitalOcean as Most Competitive, Simple Pricing Solution in Cloud Infrastructure Industry NEW YORK, Jan. 16, 2018 (GLOBE NEWSWIRE) ...
Google classroom

Google to expand cloud infrastructure with new regions, submarine cables

(Reuters) - Alphabet Inc’s Google said on Tuesday it would add five regions and build three new submarine cables as ...