If the past year was any indication, 2017 will be a busy one for IT managers and security experts. We want to make it a easier for you by sharing trends we are watching and proposing solutions. In this instalment, we will address cloud protection.
Why do you need Cloud Protection?
Things will be looking up in 2017 — way up. But that’s not necessarily something to be optimistic about. While it may not be favourable to have one’s head in the clouds when it comes to security, protecting data in the cloud is set to continue as a pressing concern for the IT admin.
Cloud based storage (as opposed to physical servers) is more cost-effective and secure against hackers, and unforeseen issues like natural disasters and accidents. Cloud-based security and email solutions will continue to become more preferable, particularly given their flexibility to translate across a multitude of devices and applications. They are also much less geographically restricted, allowing an increasingly mobile generation to bring protection of their data with them where and when they need it.
Unfortunately, as the cloud becomes more ubiquitous, so too will it become a target for hackers in 2017.
Cloud Protection Trends
Check Point Software predicts at least one major cloud provider will be attacked in 2017. That may look like ransomware to access corporate data, a full data breach or a DDoS attack.
Cloud-based solutions will grow the overall security market. According to Technavio, “the global cybersecurity services market is expected to grow at a CAGR more than 11% over the next five years due to a shift to cloud-based services by organizations.”
According to The 2017 Spiceworks State of IT, budgets for hosted/cloud-based services will increase by 3 percent in the coming year. And while IT departments will have greater budgets for cloud-based solutions, there may be a shortage of experts to meet demands on cloud protection in 2017. For instance, in the UK, only 33 per cent of IT decision makers have an acceptable level of experience in operating a cloud-based infrastructure, meaning that many will be unprepared to scale during the coming year.
Cloud Protection Solutions
1. IP Test
Implement IP restrictions for access, well beyond just firewalls. For instance, certain Application Program Interfaces (API) should only be accessed by certain IPs.
Require two-factor authentication on all risky permissions and accesses, especially those manipulating user information and configuration.
Regularly review your API permissions.
4. Unusual Suspects
Turn on billing alerts to get real-time notifications of odd behaviour.
5. Keep a Log
Turn on API logging and watch for suspicious activity. Oddly, most providers have this off by default. Consider a solution like LogStash or similar to keep API activity logs accessible and monitored.
6. Look App
Analyze your cloud applications for unwitting exposure of meta-data.
The cloud will present great efficiencies and benefits in the long-term. We know this because of our client needs (and email security solutions that are cloud-based and on-premise). These cloud protection solutions should help you – whether you are launching a new cloud based solution or simply looking at your current setup.
If you’d like to read more about cybersecurity trends and solutions, you can download our white paper Cybersecurity Trends and Solutions for 2017, which covers cloud protection solutions and 13 other trends and solutions to stay on top of.