The security experts’ guide to the cloud...

06 Aug 2014

What do you get when you gather nine of the top IT thinkers to talk about cloud security? Professional advice and help with your cloud strategy.

And it’s all in GFI Software’s new 43-page eBook The security experts’ guide to the cloud.

In the guide, IT media vet Frank J. Ohlhorst cautions that Distributed Denial of Service (DDoS) attacks are still very much alive, moving at lightning speed across the cloud, and ready to attack your web servers and other apps.

In fact, some of the very devices used to speed up our applications, such as Application Delivery Controllers (ADC), can themselves be attacked.

The answer? Take web security seriously and properly configure your ADCs so they can ward off DDoS.

There are eight more important and compelling pieces, including:

The early fears about the cloud revolved mainly around security, or the perceived lack thereof. Marketing guru, technologist and author Nick Cavalancia has a decidedly different take - he thinks the cloud should and can be trusted.

That’s because there is a bevy of large and trustworthy providers who have built tons of redundancy into their networks. And these well-heeled companies can afford the best servers, storage, network pieces and software.

Ongoing security fears also have some holding back from using the cloud for storage. And with some services such as Gmail having outages and losing data, these fears aren’t entirely misplaced.

But this should not be a cloud storage deal breaker.

Instead, good planning and setting requirements such as having strong encryption can make cloud storage safe to use, says storage expert Deni Connor.

But while Cavalancia has faith in the cloud, Microsoft MVP Brien M. Posey sees more cause for concern - for instance, with SaaS you are not in charge of how the data is secured, as you would be when running the app in-house.

“There are two reasons why this type of security may prove to be problematic for SaaS customers,” Posey argues.

“The first reason is loss of control. SaaS customers cannot use their preferred security software to protect their cloud based applications.

“The other reason why the inability to run third party security in a SaaS environment may prove to be problematic has to do with manageability.

“Oftentimes organisations use security software that offers centralised reporting capabilities.

“Such a feature may give the organisation a way to monitor security and health through a single pane of glass. The introduction of SaaS means that there will likely be cloud based applications that cannot be monitored using the organisation’s preferred software.”

ZDNet columnist Ed Bott weighs in with some advice to keep your cloud data private – especially when using cloud storage:

“Cloud storage is probably the purest example of the tension between convenience and security in modern computing,” he claims.

“When you move your data to the cloud, you make it possible to access those files from anywhere.

“But that flexibility comes at a steep cost: Anyone who can sneak into that cloud server can access all your secrets, and you might never know.”

The answer is to control who has access to your files, make sure strong passwords are in use, and encrypt everything.

Identity management is one area where the cloud can both hurt and help. On the hurt side, so many services mean umpteen passwords, which greatly increase exposure to hackers.

But a proper approach to identity management can cure these ills, or so says Debra Littlejohn Shinder:

“The basis of all computer security is controlling access – limiting the ability to view or change data or settings to only those persons and/or devices that are authorised to do so,” she says.

“That control begins with properly identifying everyone who attempts access. Centralised identity management systems based on directory services have been in place for a long time within organisations, and have grown to span multiple organisations in the form of identity federation.

“Now identity management has expanded its scope again, to encompass cloud services with a global user base.”

Dana Gardner, principal analyst for BriefingsDirect, believes cloud security is a moving target, and not necessarily moving in the right direction.

Part of the problem is the massive rise in cloud services, all of which need to be secured. Another issue is that too many of these services are far from enterprise ready. In fact, 93% of these services are not up to enterprise snuff.

The answer is to carefully select the services your company uses and the infrastructure they run upon.

By Doug Barney, writer/editor for GFI Software