IaaS Archives - ISG Technology

Cloud computing has been gaining popularity in the business space over the last couple years. Organizations are abandoning server-based data centers in favor of a third-party-provided solutions. Yet as more data is stored digitally, the danger of hacking grows. Companies are losing significant income to data breaches, and cybercriminals are developing new, sophisticated ways to steal data.

So why are companies taking their information to the cloud? Many executives want to push their businesses to the cloud but don’t fully understand how it works. As such, they may be wary over the idea of removing confidential information from complete corporate oversight. However, the cloud is not as penetrable as its name might imply.

Three factors driving cloud safety
According to Forbes, there are three principal factors helping to keep data secure when it is in a cloud platform. The first is redundancy. Losing data can be almost as harmful as having it stolen. When a server fails or a hacker gains access to a corporate network and deletes or attempts to ransom vital information, companies can lose months of productivity. Most cloud networks, however, typically keep data in at least three locations.

This means that lost data at one location, such as data loss caused by a server failure, will not have the disastrous impact that it could in an organization relying on an on-premise data center. By keep copies of each file, cloud solutions are making sure mission-critical data is accessible until the user no longer wants it.

The second factor is the safe sharing policy. Anyone who has ever used the popular Google Docs knows how file sharing works. Rather than making a copy, the user must enter the email address of anyone they want to see the file. These extra users can’t share the file on their own (unless given express permission), they simply have access to the information. This is how safe sharing works. It prevents any unauthorized copies from being created or distributed. Users have access to their own data and can control exactly who sees it.

The last factor driving cloud safety is encryption. Provided a user keeps track of their password, it is very difficult for a hacker to gain access to the files. They are being stored either entirely in the cloud or at a secure, remote facility in an unknown location. Since the user’s connection to this information is encrypted, following it to gain access would be difficult, if not impossible for a human hacker.

“Cybersecurity today is more about controlling access than managing data storage.”

It’s all about access
As TechTarget pointed out, cybersecurity today is more about controlling access than managing data storage. When hackers breach data, they typically do so because they have access to sensitive information. This can be a password or even a corporate email address. Cybercriminals infiltrate and steal information based on the access they’ve gained, typically from an unknowing authorized user.

Cloud solutions help monitor this access, keeping secure data under control. The providers offering these platforms have the expertise and the resources to keep cybersecurity evolving alongside the threats. In most cases, they have more resources than the client companies using their solutions.

The cybersecurity arms race
One popular cloud vendor is Microsoft. Each year the company invests over $1 billion into cybersecurity initiatives for its Azure platform. The money, explained Azure Government CISO Matthew Rathbun in an interview with TechRepublic, isn’t just about maintenance, it is about innovation:

“Ninety percent of my threat landscape starts with a human, either maliciously or inadvertently, making a mistake that somehow compromises security,” said Rathbun. “In an ideal state, we’re going eventually end up in a world where there’ll be zero human touch to an Azure production environment.”

Overseen by talented specialists with ample resources, cloud solutions are a safe form of data protection in today’s digital business space.

Early in February 2018, Microsoft and Symantec announced a partnership, one that allows Symantec to integrate its security solutions with Microsoft Azure and Office 365. The move is an expansion of service alignment, following the October 2017 announcement that Symantec will use the Azure cloud to deliver its Norton consumer-grade cybersecurity software, according to Microsoft.

Both companies have praised the initial move as a win-win. Microsoft gained a valuable vendor and Symantec expanded its potential audience size and improved the delivery system for its products. Evidently, the two organizations enjoyed working with one another, as this latest move represents a definite ramp up in the partnership.

Symantec secures Microsoft’s Cloud
“The collaboration between Microsoft and Symantec brings together advanced network security and intelligent cloud infrastructure… Symantec’s full suite of security and compliance controls complement our broad set of Azure security solutions to provide customers with an ideal, trusted cloud platform,” said Scott Guthrie, executive vice president, Microsoft Cloud and Enterprise Group, during the expanded partnership announcement.

It is easy to see what Microsoft stands to gain from this partnership. Despite the reputation and history of the product, Azure has been playing aggressive catch up to Amazon’s AWS in terms of user base. According to Gartner research, AWS still leads the market in turns of overall usage, especially in the infrastructure-as-a-service sector. While Microsoft is in secure control of second place, the company is likely looking for ways to transform Azure into the superior product.

Since both Azure and AWS market themselves as widely flexible cloud solutions, the clear advantage may come in terms of cybersecurity standards. Symantec has long been seen as a leader in the antivirus and cybersecurity market. Outfitting the Microsoft Azure and Office 365 platforms with Symantec Web Security Service enables corporate Azure and 365 users to better manage cloud data, prevent information leaks and guard against data breaches.

Cloud services providers are rushing to diversify their solutions to serve a variety of clients. Security measures are still catching up to this design choice.

Looking ahead to 2018
Symantec clearly sees the role of cybersecurity providers growing in 2018. The company blog outlined a series of new challenges that it expects to see in the coming year. While 2017 headlines included the dramatic WannaCry ransomware attack, Symantec feels that blockchain – digital record-keeping software made popular through Bitcoin – may headline 2018’s largest cybersecurity concerns. Part of this comes with its wider adoption.

Nokia announced earlier in February that it will use blockchain to power its financial transactions in its new sensing-as-a-service platform and other companies are expected to follow. As blockchain handles increasing amounts of money in the digital space, it is logical to assume the number and intensity of cyberattacks will increase. Symantec expects that cyber criminals will even use artificial intelligence and machine learning to improve their attack methods.

Symantec also expects organizations will struggle with IaaS (the large theater where Microsoft and Amazon are the two main providers). The company feels the flexibility and scalability of these solutions will be the main problem as both will increase the change of errors in implementation and design. This scenario seems likely as not every client using IaaS has an in-house IT team to help facilitate the transition.

Giving Azure and 365 the extra Symantec coverage may be the difference maker in which of the two leading IaaS providers avoids a massive 2018 data breach.

Posts