Could cloud storage be trusted?
The latest generation of cyber-attacks created an active underground economy, where stolen goods and illegal services are bought and sold in a ‘professional’ manner if there is such a thing as honor among thieves. Cyber crime now specializes in different “markets” that taken all together form the full criminal supply-chain.
Because of this, cybercrime develops at a much faster rate. All the tools are for sale now, and relatively inexperienced criminals can get to work quickly.
Some examples of this specialization are:
- Cybercrime has its social networks with escrow services
- Malware can now be licensed and gets tech support
- You can now rent botnets by the hour, for your crime spree
- Pay-for-play malware infection services that quickly create botnets
- A lively market for zero-day exploits (unknown vulnerabilities)
As technology has matured, more and more businesses started leveraging the benefits of the cloud. Contrary to file servers, the cloud allows enhanced mobility with access to files from any device, anywhere, facilitates collaboration between offices, helps to save storage space and can increase control over company files. However, many companies still have security concerns when it comes to moving data to the cloud and the proliferation of data breaches shows that hackers are increasingly after information stored in the cloud.
The cloud has become a primary target of cyberattacks. If you follow cyber news, you’ll notice that some of the biggest attacks in the past year all had origins in the cloud. There are a few reasons why this is the case. There are more ways to leak business data accidentally than ever before. All the while, the employees don’t take the necessary steps to protect company data. Small businesses face the biggest risk. They lack sophisticated protection and rarely take the necessary steps to prevent a breach. According to Ponemon Research, only 36% of small business owners have data security policies in place.
All major cloud storage services claim to be secure. There can be a huge, practical difference between one method of security and another. Cases in point are the difficulties Dropbox faced recently when millions of account details were allegedly breached through its integration with third-party apps. Google Drive itself has had trouble ensuring user privacy. Its privacy policy states Google can “use, host, store, reproduce, modify, create derivative works, communicate, publish, publicly perform, publicly display and distribute (your) content”.
In the cloud, data is stored with a third-party provider and accessed over the Internet. This means visibility and control over that data is limited. It also raises the question of how it can be properly secured. It is imperative everyone understands their respective roles and the security issues inherent in cloud computing.
Cloud service providers treat cloud security risks as a shared responsibility. In this model, the cloud service provider covers the security of the cloud itself, and the customer covers the security of what they put in it. In every cloud service, from Software as a Service (SaaS) like Microsoft Office 365 to Infrastructure as a Service (IaaS) like Amazon Web Services (AWS) – the cloud computing customer is always responsible for protecting their data from security threats and controlling access to it.
Most businesses are only at the 2nd and 3rd generation of security while today’s attacks are 5th generation – and cybercriminals and cyberattacks are only going to continue to advance in organization, sophistication, and speed. Businesses need to build a plan to move from their point solution security deployment to 5th-generation security infrastructure. 5th-generation security is advanced threat prevention that uniformly prevents attacks on a business’s entire IT infrastructure of networks, virtual instances, cloud deployments, endpoints, remote offices and mobile devices with single, central management for administration, monitoring and response. It is a foundation that not only protects against 5th-generation attacks but is also an architecture upon which businesses can easily and efficiently add security capabilities as threats advance and IT environments evolve.
5th-generation security is advanced threat prevention that uniformly prevents attacks on a business’s entire IT infrastructure of networks, virtual instances, cloud deployments, endpoints, remote offices and mobile devices with single, central management for administration, monitoring and response. It is a foundation that not only protects against 5th-generation attacks but is also an architecture upon which businesses can easily and efficiently add security capabilities as attacks advance and IT environments evolve.
What the future has in store?
Cloud computing, or the delivery of IT services over the Internet, requires a completely different set of considerations than traditional on-premises security. In the past, enterprise security meant surrounding enterprise applications and data with firewalls and managing endpoint devices that operated within those firewalls – a model often referred to as a “walled garden”. But this model is fundamentally incompatible with cloud computing, which by definition requires data to move beyond the enterprise perimeter. Before, the focus was primarily on preventing malware. But today, with both managed and unmanaged devices pushing data to the cloud—and with data passing from one cloud to another – the security considerations have changed dramatically.
While many still believe that on-premises data storage is superior due to a higher degree of control and visibility, there are far fewer breaches on public clouds due to cloud security providers’ emphasis on security as part of their business models.
