10 Ways Cloud Services Improve Security, Reduce Complexity
Cloud Services Can Bolster SMB Security If Thoroughly Evaluated, Managed
Cloud services and particularly platform and infrastructure providers are in position to bolster the security posture of small and midsize businesses, said security industry veteran Marc Maiffret. Maiffret, heads the advanced research labs at BeyondTrust, said organizations can benefit by offloading responsibility for system monitoring, maintenance and centralizing security. Maiffret also co-founded and served as chief technology officer at vulnerability management firm eEye Digital Security, which was acquired by BeyondTrust in 2012. He previously served as chief security architect at FireEye, during the early stages of the company. Maiffret also has a history in the channel. He oversaw the professional services division at Los Angeles-based managed services provider, DigiTrust Group.
In an interview with CRN at the 2014 Black Hat security conference, Maiffret explained how adoption of cloud services can increase security for SMBs.
10. Larger Enterprises Should Look Internally
Larger enterprises have the ability to offload less critical functions to a service provider to free up the IT team to address more critical issues, Maiffret. Cloud infrastructure providers may not be the best choice for large enterprises, Maiffret said. Gaining simplicity also results in having control of less data and security processes, he said. For example, a business would have less control over how to get logging information and how to integrate it internally to gain real-time alerting on potential threats. Instead, larger organizations have the ability to identify rogue or shadow-IT cloud services running in various business units. They can also help the business consolidate overlapping services and cut costs.
9. Better Management Of Employee Privileges
Cloud-based services are available to simplify the process of managing employee privileges. While the state of identity management is in a transition, businesses can take advantage of SaaS-based services that monitor account access and manage privileges across cloud-based services, Maiffret said. Businesses can also take advantage of services that can spot anomalous logins and block access from unauthorized locations.
8. Cloud Services Aid Vulnerability Management
Coding errors that open up significant weaknesses to attackers to the corporate environment can also weaken the integrity of cloud-hosted servers, Maiffret said. The software bugs are still Windows and Linux-based vulnerabilities. They are no different than on-premise vulnerabilities, he said. What is different is how a business can scan for those vulnerabilities. SaaS-based vulnerability management services are available to businesses and can tie into Microsoft Azure, Rackspace or Amazon Web Services accounts to identify vulnerabilities.
7. Centralized Management Through Security Services
The adoption of cloud platforms and services can enable organizations to centralize security management by adopting SaaS-based security services. A variety of emerging vendors sell cloud-based gateways that perform identity and access management, file integrity monitoring, encryption and tokenization of data across a myriad of cloud applications.
6. Cloud Services Enable Encryption
Companies turning to cloud infrastructure providers should also be considering point-to-point encryption to protect data from prying eyes, Maiffret said. It ensures that if a vulnerability or configuration does exist, an attacker wouldn't gain full access to data in clear text. Cloud-based services should support security components, including encryption, and make it easy for customers to get it properly implemented.
5. SaaS Email Security Also Reduces Phishing
In the same way Google and Microsoft have made gains in filtering spam, they have been able to identify and block phishing attacks, Maiffret said. SaaS email services have the data and scale to find anomalies that signal an attack campaign in progress across their customer base. Microsoft is also building in machine learning and other capabilities to find anomalous logins and other potential threats. Google can use its visibility to identify phishing across multiple email accounts compared to an average antispam plugin or service.
4. Microsoft, Google Address Spam
Small businesses looking to have email hosted in the cloud with Microsoft Office365 or Google Apps for Business are much better off going to the cloud than hosting their own Exchange, Maiffret said. Having to manage patching and configuration in-house can be a daunting challenge for some businesses, he said. Microsoft and Google demonstrate how a small or midsize business can turn to a SaaS-based email provider and gain increased security, Maiffret said.
3. Cloud Services Helps Limit Attack Surface
There will always be new vulnerabilities, but you can do a lot to limit that attack surface, especially through identifying configuration issues. Addressing security threats becomes a lot easier if the attack surface is reduced by eliminating processes and systems that are rarely used and not critical components of the business, Maiffret said. For small and medium sized businesses turning to a cloud provider is probably a smart move, Maiffret said. The people employed at the cloud provider will understand how to manage and harden the infrastructure better.
2. Cloud Services Provide Expertise
A variety of studies have identified a lack of skilled IT security professionals, making it difficult for businesses to attract and retain a skilled security team. When businesses turn to a cloud service, a hosting provider and truly contract out services and support, they gain a knowledge base of skilled professionals they otherwise wouldn't have, Maiffret said. Organizations far too often have to rely on security generalists, he said. Cloud services typically retain seasoned personnel who specialize in specific security functions to protect the client base.
1. Cloud Services Unload System Complexity
Organizations can definitely reduce some system complexity, but it won't be completely eliminated, Maiffret said. Instead the complexity workload is transferred to somebody else who is hopefully going to manage it better than the business can, he said. Cloud-based infrastructure isn't running any special software that is more secure or that wouldn't be running inside the business. It should instead be better managed and maintained. It is really about trusting Amazon or Microsoft or any other cloud infrastructure provider with the complexity.