Don’t Let Cloud Complacency Get The Upper Hand

Written by Charles Cooper 1
December 28, 2016

Cloud security is better than ever. But you can still put your organization at unnecessary risk by taking too much for granted.

Will 2017 finally witness “the big one,” the massive cloud computing breach that so many predict is inevitable?

Security practitioners have heard similar refrains before and would be excused for dismissing the question out of hand. But while cloud security may be stronger than ever, this is no time for complacency. Keeping data secure has never been harder.

For instance, think about the challenges involved in maintaining cloud security, given the vulnerabilities introduced by the Internet of Things. Billions of devices are getting connected to corporate networks each year and Gartner expects that 6.4 billion “things” will be in use in 2016, up 30% from the prior year. Yet, too many IoT devices remain unsecured and are likely to remain that way.

Talk about a target-rich environment for hackers! They can count on countless new opportunities in the new year to attack a seemingly infinite number of targets, including cloud providers as well as any private cloud installations or third parties that might have access to their (target's) operations.

It’s clear that pretty good security in the cloud just isn’t good enough any longer. With enterprise data residing in more places than ever before, IT now has the more difficult job of protecting against both external and internal threats to the cloud.

Unfortunately, no single approach works in isolation and effective cloud security depends on applying layers that get designed into an adaptable security infrastructure, and not tacked on as an afterthought.

Protecting your mobile endpoints with a combination of measures, such as EMM, anti virus and anti malware is going to be vital. Also, IT ought to be equipped with remote management capabilities that track mobile devices and wipe data if the devices get stolen or lost.

Encryption everywhere should be the default policy both when data is at rest or in motion. In the event of an information breach or an interception, encrypted information is unreadable.

Strong monitoring policies are also going to be necessary as more data migrates to the cloud. IT needs to know who is accessing information and what they are doing with it. Here is where CASB deployments can flag unusual download or access activity. Also, a CASB can help security executives uncover rogue IT deployments, one of the biggest security risks to the cloud today.

Above all, hold your providers accountable. Prepare a set of questions for your providers. In no particular order, what do they do to make sure nobody can access your data? What do they do in the cloud to make sure things can’t cross between environments and your cloud won’t be corrupted from somebody else’s cloud? For that matter, if someone else gets hacked, ask what they do to make sure the hackers can’t access your cloud environment.

Considering that companies now upload an average of 18.5 terabytes of data to cloud applications each month, this is hardly the time for organizations to let down their guards. The more gaps they can fill, the better their chances of keeping all that cloud information secure.

This content is underwritten by VMware — and is editorially independent. It is produced in accordance with conventional standards of business journalism.

Charles Cooper is an award-winning freelance author who writes about business and technology. During his 30-plus year career, he has worked as an executive editor at several leading tech publications including CNET, ZDNet, PC Week and Computer Shopper.