Protection in the cloud with a two-pronged approach

Security cloud two-prongedHacking often conjures images of malicious criminals breaking into computer systems to steal and sell data for monetary gain. More recently, hacking has become known as a weapon that can cause public embarrassment and wreck reputations.

Cyber-extortion and the threat to expose sensitive information are on the rise. In a recent IBM report, “Ransomware: How consumers and businesses value their data,” almost half of executives (46 percent) reported that they’ve had some experience with ransomware attacks in the workplace, and 70 percent of those respondents paid to get data back.

Such threats and the news stories they generate are primary reasons why security is a top concern for businesses. However, executives at the forefront of implementing hybrid cloud strategies say they are overcoming this challenge, according to the report “Growing up hybrid: Accelerating digital transformation.” Extending the same level of security controls and best practices they have in place for traditional IT to the cloud is one way to reduce risk. Assigning business-critical work to on-premises resources is another. In fact, 78 percent of these executives say that hybrid cloud is actually improving security.

As the benefits of cloud computing — agility, innovation and efficiency — become undeniable, information security is taking on greater importance. The best defense is to cultivate security as a behavior. Technology alone cannot protect companies. There must be a cultural change in the way all employees think about security.

Expanding cloud computing

Market demands are shifting the way CIOs think about data storage and security, says Roy Illsley, chief analyst with the digital consultancy firm Ovum. Most companies still store their most sensitive data in mainframes. However, Illsley expects that to change in the next five to 10 years as consumers insist on instant access to data.

“If you’ve got everything in a mainframe and it’s stored in Frankfurt, all nice and secure, but you’ve got customers all over the world, the latency of that from someone traveling in China is probably too great to be of any use to them,” he says.

Andras Cser, an analyst with Forrester Research, says financial concerns also weigh heavily. “You can’t choose to have a legacy system because of the cost,” he says. “The cloud is so much more inexpensive. The question isn’t whether a company should move to the cloud, it’s how.”

Cloud computing is no longer limited to just the world of computer servers, data storage and networking. Increasingly, it is core to mobile devices, sensors, cognitive and the Internet of Things (IoT). As innovations like cognitive and IoT become widespread, cloud computing is seemingly everywhere.

Outsmarting the hackers

As more information is digitized, security awareness needs to increase. Hackers gain entry to secure systems via phishing attacks in which employees click on malicious attachments or visit websites that download malware onto their machines. Organizations must take a two-pronged approach to security that uses tech-based solutions, and requires workers to change how they use technology.

For instance, encryption protects email, but employees also need to be careful about what they say in their emails. It goes back to human behavior. Is that the right medium for that communication or should you just pick up a phone? That decision is made by an individual.

Many high-profile email attacks that splashed across headlines were partly the result of inadequate technology, such as not using the right email signatures, and a misguided use of the medium. It all boils down to each user’s level of security consciousness and the best practices that he or she has internalized as a behavior. The adversary is getting cannier, so security relies upon individual actions and decisions.

Security requires a strong technical defense as well. Standard defenses include encryption and geofencing, which builds a virtual fence around data and monitors employees’ comings and goings. It’s not enough to merely have such technologies on hand, however. The key is to examine how well they are configured.

Organizations need people who not only know how to secure the system, but also stay ahead of emerging threats. One positive trend: companies are beginning to work together to fight hackers.

Such cooperation shows that security has become a global issue. Never before have businesses and public personalities had a better reason to work collaboratively to thwart cybersecurity threats.

Share this post:

Add Comment
No Comments

Leave a Reply

Your email address will not be published.Required fields are marked *

More Security Stories

Keeping visibility, control and security simple with hybrid cloud

The best thing about hybrid cloud can also be the worst thing if you’re not careful. I’m talking about being able to run workloads in a variety of environments—public cloud, private cloud, on-premises data center—and having the flexibility to choose the ideal environment to do what’s best for the business in any situation. It sounds […]

Continue reading

API security: Key takeaways from recent breaches

The IRS was recently in the headlines for the wrong reason: a lawsuit claims more than 330,000 taxpayer accounts were illegally accessed using the “Get Transcript” API. API breaches have for some time now plagued startups, affecting the likes of Facebook, Twitter, Buffer and Snapchat, and it’s clear these breaches are now affecting established enterprises. […]

Continue reading

5 ways smart companies keep internal cloud video secure

It’s not hard to see why so many businesses have adopted cloud-based streaming video. It’s an ideal way for an organization to stream a CEO presentation, introduce a marketing campaign, launch a new product, or encourage employee training and collaboration. The benefits abound, but many business leaders have nagging concerns about security and data protection. A […]

Continue reading