Sep 16 2021

Keys to the cloud: Unlocking digital transformation to enhance national security

Category: Cloud computingDISC @ 9:34 am
Keys to the cloud: Unlocking digital transformation to enhance national security

This, paired with the “anything you can do, I can do better” mantra adopted by today’s nation-state threat actors, has left mission-critical information vulnerable to attack as it undergoes the great cloud migration.

These agile threat actors – without any red tape to stand in their way – have already adopted a cloud-centric mindset, oftentimes at the expense of our national security. Meanwhile, emerging technologies like artificial intelligence and machine learning that lend themselves to assisting defensive efforts are rendered useless unless the defense community focuses more time, energy and resources on becoming cloud-centric.

Ultimately, the issue of national security hangs in the balance, and the best way to ensure we stay ahead of the curve is by using the cloud to “digitally overmatch” our opponents and unlock the full potential of digital transformation.

Overwhelming opponents

Originally coined by the Army, the concept of “digital overmatch” stems from the idea that the respective branches of the military can easily overwhelm their opponents on the ground due to their superior resources. Now, in the era of cyber-enabled conflict, this concept can also be applied to the non-Defense space. Given that data is such a strategic asset, defenders must ensure they can outpace and outmaneuver adversaries by using data-driven technologies such as the cloud, and deliver on-demand resources across all domains whenever and wherever they’re needed.

Without commercial and government innovation in cloud-native technology, federal agencies and the military are unable to maximize the full potential of their modernization strategy.

“Digital overmatch” in action

Cloud Computing Security: Foundations and Challenges

Tags: cloud security

Aug 18 2021

The 3 Rs of visibility for any cloud journey

Category: Cloud computing,Information SecurityDISC @ 8:54 am
The 3 Rs of visibility for any cloud journey

While Security Orchestration Automation and Response (SOAR) solutions help automate and structure these activities, the activities themselves require telemetry data that provide the breadcrumbs to help scope, identify and potentially remedy the situation. This takes increasing significance in the cloud for a few reasons:

  • The public cloud shared security model may lead to gaps in the telemetry (e.g., lack of telemetry from the underlying infrastructure that could help correlate breadcrumbs at the infrastructure level to the application level).
  • Lack of consistency in telemetry information as applications increasingly segment into microservices, containers and Platform-as-a-Service, and as various modules come from different sources such as internal development, open source, commercial modules, and outsourced development.
  • Misconfigurations and misunderstandings as control shifts between DevOps, CloudOps and SecOps.
  • All the above coupled with a significant expansion of attack surface area with the decomposition of monolith applications into microservices.

When incidents occur, the ability to quickly size up the scope, impact and root cause of the incident is directly proportional to the availability of quality data, and its ability to be easily queried, analyzed, and dissected. As companies migrate to the cloud, logs have become the de-facto standard of gathering telemetry.

The challenges when relying almost exclusively on logs for telemetry

This book is designed for security and risk assessment professionals, DevOps engineers, penetration testers, cloud security engineers, and cloud software developers who are interested in learning practical approaches to cloud security. It covers practical strategies for assessing the security and privacy of your cloud infrastructure and applications and shows how to make your cloud infrastructure secure to combat threats, attacks, and prevent data breaches. The chapters are designed with a granular framework, starting with the security concepts, followed by hand-on assessment techniques based on real-world studies, and concluding with recommendations including best practices.

FEATURES:

  • Includes practical strategies for assessing the security and privacy of your cloud infrastructure and applications
  • Covers topics such as cloud architecture and security fundamentals, database and storage security, data privacy, security and risk assessments, controls related to continuous monitoring, and more
  • Presents several case studies revealing how threat actors abuse and exploit cloud environments to spread malware

Tags: cloud computing risks, cloud security

Jul 28 2021

How is Cloud Infrastructure Security Important for an Organization?

Category: Cloud computingDISC @ 12:16 pm
Top 5 Benefits of Cloud Infrastructure Security 

Embracing new technologies lead to qualitative growth but simultaneously holds high chances of quantitative data breaches. While adopting cloud technology, it is important to see the security of cloud infrastructure as one of the crucial responsibilities. There are various organizations out there that are still unsure of the security of their data present in the cloud environment. 

In 2019, Collection #1, a massive data breach held responsible for compromising data set of over 770 million unique email addresses and 21 million unique passwords. The collection of data files was stored on a cloud storage service and MEGA. Similarly, information of over 108 million bets’ records was leaked by an online casino group. The leaked data included details of customers’ personal information along with deposits and withdrawals.

Then the same year, a famous food delivery service providing firm was breached, compromising the data of 4.9 million users, including consumers and delivery employees.

Additionally, a post from Security Boulevard says acording to a survey almost 98% of the companies had witnessed at least one cloud data breach in the past 18 months,  that is compared to 79% in 2020.

Here are the five major benefits that you gain from cloud infrastructure security solutions:

  • Data Security

Nowadays, cloud computing servers are becoming susceptible to data breaches. Cloud infrastructure security solutions help in ensuring that data like sensitive information and transaction is protected. It also helps in preventing the third party from tampering with the data being transmitted.

  • DDoS Protection 

Distributed denial of service, aka DDoS attacks, is infamously rising and deployed to flood the computer system with requests. As a result, the website slows down to load to a level where it starts crashing when the number of requests exceeds the limit of handling. Cloud computing security provides solutions that focus on stopping bulk traffic that targets the company’s cloud servers. 

  • Constant Support 

When it comes to the best practices of cloud infrastructure security solutions, it offers consistent support and high availability to support the company’s assets. In addition, users get to enjoy the benefit of 27/7 live monitoring all year-round. This live monitoring and constant support offer to secure data effortlessly.

  • Threat Detection

Infrastructure security in the cloud offers advanced threat detection strategies such as endpoint scanning techniques for threats at the device level. The endpoint scanning enhances the security of devices that are accessing your network. 

  • Supervision of Compliance

In order to protect data, the entire infrastructure requires to be working under complaint regulations. Complaint secured cloud computing infrastructure helps in maintaining and managing the safety features of the cloud storage. 

The points mentioned above are clear enough to state how beneficial and vital is cloud infrastructure security for an organization. Unfortunately, there are very many high-profile cases that have been witnessed in past years relating to data breaches. 

To patch the loopholes and strengthen the IT infrastructure security, it is crucial to keep the security of cloud storage services a high priority. Engage with the top-class cloud computing security tools to get better results and have the data secured.

Cloud Security

Tags: cloud computing risks, Cloud Infrastructure Security, cloud security, cloudcomputing

Jun 25 2021

Ensono: Security is a key factor when choosing a public cloud provider

Category: Information SecurityDISC @ 2:16 pm
Ensono: Security is a key factor when choosing a public cloud provider

There are many factors to considered when selecting a public cloud provider, but 56% in a recent survey said security concerns had the most significant influence during the selection process for public cloud providers, IT services management company Ensono said.There are many factors on selecting public cloud providers

Above: Ensono Cloud Clarity Report uncovered several areas that significantly influenced buying decisions.

Ensono: Security is a key factor when choosing a public cloud provider

Cloud security

Tags: cloud computing security, cloud security

Apr 01 2021

CSA Survey Suggests Cloud Security Is Improving

Category: Cloud computingDISC @ 12:56 pm
CSA Survey Suggests Cloud Security Is Improving

New research suggests the overall state of cloud security continues to improve at a time when more organizations rely on multiple cloud service providers.

survey of 1,900 security and IT professionals published this week by the Cloud Security Alliance (CSA) in collaboration with AlgoSec, a provider of network security tools, finds only 11% of respondents said they encountered a cloud security incident in the past year. The most common problems encountered were issues with a specific cloud provider (26%), security misconfigurations (22%) and attacks such as denial-of-service exploits (20%).

When asked about the impact of the cloud outages, more than a quarter of respondents said it took more than half a day to recover.

Despite growing confidence in cloud platforms, however, security remains a major area of focus. Top areas of concern include network security (58%), lack of cloud expertise (47%), migrating workloads to the cloud (44%) and insufficient staff to manage cloud environments (32%). In all, 79% of respondents noted some kind of issue involving IT staffing.

In the report, 52% of respondents reported they employed cloud-native tools to manage security as part of their application orchestration process, with half (50%) using orchestration and configuration management tools such as Ansible, Chef and Puppet. Less than a third (29%) said they used manual processes to manage cloud security.

Less clear, though, is who within the IT organization is responsible for cloud security. More than a third (35%) said their security operations team managed cloud security, followed by the cloud team (18%) and IT operations (16%). Other teams, such as network operations, DevOps and application owners, are all below 10%, the survey found.

Tags: cloud security

Mar 23 2021

Taking a Security-First Approach to Cloud Migration

Category: Cloud computingDISC @ 9:22 am
Taking a Security-First Approach to Cloud Migration

The pandemic and lockdowns hit their first anniversary mark, and many companies continue to have their employees work from home for the foreseeable future. Over the past year, organizations have seen how important cloud computing is to business operations.

In fact, according to a MariaDB survey, 40% of respondents said that COVID-19 accelerated their migration to cloud, and IDC found that while cloud spending increased slightly during the early months of the pandemic, other IT-related spending decreased.

If nothing else, 2020 showed organizations the advantages of cloud services. Of course, with more cloud use, there is more cloud risk. With almost all cloud teams working remotely, there has been an uptick in security vulnerabilities and a concern that there are ongoing cloud security issues that have yet to be discovered. Organizations are migrating so quickly to the cloud that security is an afterthought, and that has consequences.

Instead, a new Deloitte study recommended, this move to the cloud should work with cybersecurity as a differentiator to gain consumer trust. “An integrated cloud cyber strategy enables organizations to use security in their transformation in a way that promotes greater consumer trust, especially in today’s digital age,” the report stated. Any migration to the cloud should take a security-first approach.

Why Security First?

With an integrated, security-by-design cloud cybersecurity strategy, organizations can use security in digital transformation as a driver rather than as an afterthought, said Bhavin Barot, a Deloitte risk and financial advisory principal in the cyber and strategic risk practice, in an email interview. Leveraging secure design principles during a digital transformation or cloud migration helps organizations in the following ways, Barot added:

  • Incorporating leading-edge, innovative approaches such as intelligent threat detection.
  • Reducing risks related to technology, insider threats and the supply chain.
  • Elevating the DevSecOps posture for developers and engineers and
  • Establishes a cyber-forward approach that reinforces business objectives, enabling security principles such as zero trust.

Taking a Security-First Approach to Cloud Migration

Tags: cloud computing risks, Cloud Migration, cloud security

Mar 14 2021

Passing a compliance audit in the cloud doesn’t have to be hard

Category: Cloud computingDISC @ 9:30 am
Passing a compliance audit in the cloud doesn’t have to be hard

Adding compliance trails in cloud environments

The secret to resolving compliance and security issues before they escalate into costly audit penalties is to proactively add an automated compliance and security management system in the cloud environment. This way your company can take advantage of all the security benefits offered by the cloud provider while also managing other security aspects critical to your company’s operations while also providing an audit trail that can be used to help verify compliance.

In short, your company needs the means to detect specific issues and correct them prior to an official compliance certification audit. The top areas that auditors check are all centered on data access. That’s understandable given that Gartner predicts that “by 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020.”

Cloud security automation can scale along with your workloads in cloud environments and correct compliance issues and security vulnerabilities as they occur. Your company should consider the following when selecting an Identity Access Management (IAM) product to use in cloud environments to automate corrections and ensure compliance.

  • More easily visualize the current IAM posture and get alerts about excessive permissions
  • Get proof of regulatory compliance and data hygiene along with verification that relevant assets can only be accessed from specific areas in the application
  • Monitor any changes in the application that require updates in its security policy
  • If needed, create a new security policy that reflects the needs of each cloud-based asset
  • Ease of deployment in the pre-production and production environments

Source: Cloud services and foggy compliance issues

Cybersecurity for Executives in the Age of Cloud by [Teri Radichel]

Tags: Cloud compliance audit, cloud security

Mar 09 2021

How to mitigate security risks as cloud services adoption spikes

Category: Cloud computingDISC @ 11:49 pm
How to mitigate security risks as cloud services adoption spikes

The challenges of accelerated cloud adoption

The sheer number of organizations moving to the cloud is staggering: we’re seeing 3-5 years-worth of business transformation happening in just months due to the pandemic. As cloud-enabled digital transformation continues to accelerate, there are a variety of concerns.

For example, the visibility of data. Organizations (and users) must assess what controls cloud services providers offer in order to understand the security risks and challenges. If data is stored unencrypted, that implies significant additional risk in a multi-tenant environment. Or what about the ability of security models to mimic dynamic behavior? Many anomaly detection and predictive “risk-scoring” algorithms look for abnormal user behavior to help identify security threats. With the sudden and dramatic shift to remote work last year, most models require significant adjustments and adaptation.

Normally, companies begin exploring the move to a cloud service provider with a detailed risk analysis assessment. This often involves examining assets, potential vulnerabilities, exploitation probabilities, anticipated breach-driven outcomes, and an in-depth evaluation of vendors’ capacity to effectively manage a hybrid solution (including authentication services, authorization, access controls, encryption capabilities, logging, incident response, reliability and uptime, etc.).

How to mitigate security risks as cloud services adoption spikes

Tags: cloud computing risks, cloud computing security, cloud security

Feb 23 2021

Security Logging in Cloud Environments – AWS

Category: Cloud computing,Security logsDISC @ 4:33 pm

Which Services Can We Leverage?

AWS offers multiple services around logging and monitoring. For example, you have almost certainly heard of CloudTrail and CloudWatch, but they are just the tip of the iceberg.

CloudWatch Logs is the default logging service for many AWS resources (like EC2, RDS, etc.): it captures application events and error logs, and allows to monitor and troubleshoot application performance. CloudTrail, on the other hand, works at a lower level, monitoring API calls for various AWS services.

Although listing (and describing) all services made available by AWS is out of scope for this blog post, there are a few brilliant resources which tackle this exact problem:

In the remainder of this section I’ll provide a summary of the main services we will need to design our security logging platform. Before doing so, though, it might be helpful having a high-level overview of how these services communicate (special thanks to Scott Piper for the original idea)

Source: Security Logging in Cloud Environments – AWS

Tags: AWS security, Cloud computing, cloud security

Jan 24 2019

Security is the no. 1 IT barrier to cloud and SaaS adoption

Category: Cloud computingDISC @ 8:32 am

More than 70% of tech professionals said security spending has increased in the past year, according to a Ping Identity report.

Source: Security is the no. 1 IT barrier to cloud and SaaS adoption

  • Cloud Security





    • Tags: cloud security, Cloud Security Alliance

    Jan 22 2010

    How to manage risk in the cloud

    Category: Cloud computingDISC @ 3:06 am

    What is Cloud Computing and does it provide more protection to your business?

  • Pre-order the Softcover;

  • Pre-order the eBook.

    • Cloud Computing will bring many benefits to organisations, some of which include reducing operating costs, reducing power consumption and freeing you up to focus on your core business.
    The concept of shifting computing to a shared service provider is not new. What may be new is that the cost of Cloud Computing is falling so dramatically that considering outsourcing to the Cloud is no longer rare, and it is now accessible enough that any individual or organisation can use it to their advantage.

    Above the Clouds: Managing Risk in the World of Cloud Computing
    For Cloud Computing to be a viable option, you need to be confident that your business information will be secure and that the service you offer to your customers will still be reliable. So if you want to adopt a Cloud Computing strategy, you need to make sure you carry out due diligence on the service provider before you entrust this firm with your vital data. However, the author challenges the assumption that Cloud Computing will offer less protection to your data than relying on an in-house server. Buy Now!>

    Cloud Computing not only allows you to make economies of scale; it can also offer you the increased security that comes from sharing the resource. The author argues that moving over to Cloud Computing can actually help to defend your organisation from threats such as denial of service attacks, viruses and worms.

    Cloud service providers will tell you that Cloud Computing is bound to be better, faster and cheaper. The reality is that before switching over to Cloud Computing, you need to think carefully about whether it will really work for your business. This book shows you what you need to do to ensure that with Cloud Computing you will continue to give the standard of service your customers require. It also offers you some valuable tips on how to choose your provider of Cloud services.

    Published date: 9th February 2010.

    Pre-order this book using Voucher Code: “cloud2010” to save 10%!

  • Pre-order the Softcover;

  • Pre-order the eBook.

    • Related articles by Zemanta




    Tags: Business, cloud, Cloud computing, cloud computing benefits, cloud computing concerns, cloud computing risks, cloud computing security, cloud security, cloud services, cloudcomputing, Computer Science, Denial-of-service attack, Distributed Computing, due diligence, Economy of scale, Outsourcing, Security

    Sep 10 2009

    Way beyond the edge and de-perimeterization

    Category: Cloud computing,Information SecurityDISC @ 2:59 pm

    Wie eine Firewall arbeitet / how a firewall works
    Image by pittigliani2005 via Flickr

    De-perimeterization term has been around almost for a decade and finally industry is taking it seriously because of virtualization and cloud computing popularity. Is it time for businesses to emabrace de-perimeterization?

    De-perimeterization is a double edge sword for industry which creates scalable options for operation and huge challenges for safeguarding the assets beyond the edge. One of the major advantages for de-perimeterization is that user can access corporate information over the internet; in this situation user can access corporate data from any where, it’s hard to draw the line where the edge begins and where it ends. All you basically need a functional laptop with internet connection. On the other hand, de- perimeterization poses a great challenge due to possibility of viruses, spywares and worms spreading in your internal protected infrastructure.

    In de-perimeterized environment, security attributes shall follow the data, wherever the data may go or reside.

    In security architecture where firewall was considered a very effective perimeter defense has been weakens by virtualization and cloud computing. In early days of firewall defense, organization only needed to open few necessary protocols and ports to do business. Internet accessible systems were located on the DMZ and the communication was initiated from the corporate to internet. Now there are whole slew of protocols and ports which needs to be open to communicate with application in the cloud. As corporate application move out of the organization network into the cloud, the effectiveness of firewall diminished.

    Defense in depth is required for additional protection of data because as new threats emerge, the firewall cannot be used as an only layer of security. The key to the security of de-perimeterization is to push security at each layer of infrastructure including application and data. Data is protected at every layer to ensure the confidentiality, integrity and availability (CIA). Various techniques can be utilized for safeguarding data including data level authentication. The idea of data level authentication is that data is encrypted with specific privileges, when the data move, those privileges are moved with the data.

    layered-defense

    Endpoint security is relevant in today’s business environment especially for laptop and mobile devices. Agents on laptops and mobile devices utilized pull/push techniques to enforce relevant security policies. Different policies are applied depending on the location of the laptop. Where security policy will ensure which resources are available and what data need to be encrypted depending on the location of the device.

    When corporate application and important data reside in the cloud, SLA should be written to protect the availability of the application and confidentiality of the data. Organizations should do their own business continuity planning so they are not totally dependent on the cloud service provider. For example backup your important data or utilize remote backup services where all data stored is encrypted.


    Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance


    Download a free guide for following cloud computing applications

    Hosted email solution
    Hosted email archiving
    Hosted web monitoring
    Hosted online backup


    Reblog this post [with Zemanta]




    Tags: business continuity, Cloud computing, cloud computing article, cloud computing concerns, cloud computing email, cloud computing hosting, cloud computing information, cloud computing security, cloud computing services, cloud security, cloud services, de-perimeterizations, DMZ, iso assessment

    Jul 07 2009

    Cloud Computing Pros and Cons

    Category: Cloud computingDISC @ 6:19 pm

    Cloud Application Architectures: Building Applications and Infrastructure in the Cloud

    Cloud computing is the future of the computing, which happens to provide common business applications online that run from web browser and is comprised of virtual servers located over the internet. Basic idea behind cloud computing is the accessibility of application and data from any location as long as you are connected to the internet. Cloud computing makes the laptop the most essential tool to get the job done.

    For example Hosted Email (SaaS) Security provides safeguards at the Internet level, eliminating spam and malware before they reach your internal network infrastructure. The hosted email provides centralized security with built-in redundancy, failover, and business continuity, while easing network and security administration. In the hosted email software as a service the security controls are at work at the internet level. It’s about time to expand the corporate perimeter beyond firewall and one of the major benefit of cloud computing is to give organizations capability to implement security controls at internet level and eliminate threats before they reach the internal network.

    An online backup service is another example of software as a service (SaaS) which provides users with an online system for backing up and storing computer files.

    Cloud computing incorporates several different types of computing, including:
     software as a service (SaaS)
     platform as a service (PaaS)
     infrastructure as a service (IaaS)

    It is a range of technologies that have come together to deliver scalable, tailored and virtualized IT resources and applications over the Internet.

    Cloud Computing have several benefits and potential risks which you may want to know before signing a contract with a cloud vendor.



    Cloud Computing benefits

  • Users can avoid capital expenditure on hardware, software, and other peripheral services, when they only pay a provider for those utilities they use;

  • Consumption is billed as a utility or subscription with little or no upfront cost;

  • Immediate access to a broad range of applications, that may otherwise be out of reach, due to:

  • The lowering barriers to entry;

  • Shared infrastructure, and therefore lower costs;

  • Lower management overhead.

  • Users will have the option to terminate a contract at any time, avoiding return on investment risk and uncertainty.

  • Greater flexibility and availability of ‘shared’ information, enabling collaboration from anywhere in the world – with an internet connection.


    • Cloud computing associated risks

  • Cloud computing does not allow users to physically possess the storage of their data which leaves responsibility of data storage and control in the hands of their provider;

  • Cloud Computing could limit the freedom of users and make them dependent on the cloud computing provider;

  • Privileged user access – how do you control who has access to what information?

  • Security of sensitive and personal information lay with the vendor. How do you explain this to your customers when their data is compromised without sounding like you’re ‘passing the buck’?

  • From a business continuity stand point, can you rely on each vendor to have adequate resilience arrangements in place?

  • Long-term viability — ask what will happen to data if the company goes out of business; how will data be returned and in what format?



    • Complexities of cloud computing will introduce new risks and complexity is the enemy of security. The organizations and end users should be mindful of this security principle before introducing this new variable into their risk equation. As a consumer you need to watch out and research your potential risks before buying this service and consider getting a comprehensive security assessment from a neutral third party before committing to a cloud vendor.

    Recomended books on cloud computing

    Reblog this post [with Zemanta]




    Tags: Cloud computing, cloud computing article, cloud computing benefits, cloud computing concerns, cloud computing email, cloud computing hosting, cloud computing information, cloud computing network, cloud computing platform, cloud computing risks, cloud computing security, cloud computing services, cloud computing solutions, cloud security, cloud services, Infrastructure as a service, Platform as a service

    « Previous Page