New Platform, New Risks – How the Cloud is Changing Enterprise Security
Posted October 5th, 2012
For many years, computer viruses have been the bane of IT departments everywhere. A never-ending stream of Trojans, worms and malware forced IT staffers to constantly update computer anti-virus software in an attempt to stay ahead of the latest attacks. But in the era of cloud computing and VPNs, it’s not the device that’s at issue any more – access to the data must be managed instead of the machine. With that shifting paradigm comes a shift in security threats as well. Here’s what to fear if you’ve moved your data to the cloud.
Denial of Service Attacks -Also referred to as DDOS (distributed denial of service), these attacks prevent cloud users from being able to access any portion of their cloud service, be it data or software services. From a user standpoint, this means a literal freeze of an organization’s computing activity – resulting in lost productivity, lost revenue, and even lost lives if, for example, access to critical medical data was blocked. On the cloud provider’s end, a DDOS attack takes time and resources to fight, and causes customer churn – both of which can ravage revenues. The widespread impact of a DDOS attack is why Rakesh Shah, Director of Product Marketing and Strategy at Arbor Networks, considers these events to be the biggest security threat to the cloud.
Breach of Data – Guy Helmer, CTO of Palisade Systems, says a different cloud security problem tops his list of threats: the loss of confidential data. While security strategies and risks vary among different cloud platforms like IaaS, PaaS and SaaS, the bottom line is that without sufficient protection, all clouds can be compromised. Not only can embarrassing data breaches ruin the reputations of both cloud users and cloud service providers, but contracts with privacy-sensitive clients often include heavy financial penalties for disclosing confidential information.
Obviously, the first line of defense for corporations and their IT departments is to choose their cloud provider wisely. The best cloud vendors should be transparent about their ability to balance the need for airtight security with a customer’s need for an easy interface. Also, don’t assume that a private cloud is safer than a public one. In general, public clouds – especially big names like Amazon Web Services, Google and Microsoft Azure – attract the best security specialists, can update their technology more frequently due to economies of scale, and have been subject to more attacks, causing them to up their defensive game. Private clouds, on the other hand, may be more complacent as they feel “under the radar” of attackers, have not been battle-tested, and may have older technology in use.
Of course, your IT services are only as dependable as the professionals you hire. That’s why you should turn to the reliable search – Bayside Solutions – when you need technology experts. Our top-notch professionals are pre-screened for both technical and teamwork skills, so contact us today!
