4/10/2018
05:30 PM

On-Premise Security Tools Struggle to Survive in the Cloud

Businesses say their current security tools aren't effective in the cloud but hesitate to adopt cloud-based security systems.

Cloud usage is growing faster than businesses' ability to secure it. While IT pros are quick to point out the benefits of SaaS applications, they are hesitant to adopt cloud-specific security tools. At the same time, their existing security systems are putting cloud-based data at risk.

Most (64%) large organizations say SaaS adoption is outpacing security, reports iboss in its new 2018 Enterprise Cloud Trends report. On average, about one-fifth of enterprise applications are SaaS, and the number is expected to hit 36% per business within the next two to three years.

All of iboss' respondents say there is at least one benefit to using SaaS applications over physical software. Their reasons include speed (71%), user-friendliness (58%), data storage capacity (49%), heightened productivity (43%), and data accessibility (40%). They are most commonly using SaaS for email (63%), data loss prevention (59%), and file sharing (59%).

Employees expect to use SaaS in the workplace and they'll continue to do so. However, 91% of respondents say their organizations' security policies need to improve if they're going to operate in a cloud environment. One in ten says a "complete overhaul" is needed.

Current Tools Aren't Cutting It in the Cloud

Security in the cloud was a challenge for 97% of respondents in a new global survey by Sumo Logic, entitled 2018 Global Security Trends in the Cloud. Most report a lack of tools, cross-functional collaboration, and resources to gain insight into enterprise security.

Nearly all (93%) respondents have issues using security tools in the cloud. About half (49%) say existing tools aren't effective in their cloud environments, stating that too many tools make it hard to know what to prioritize. Forty-five percent say they can't investigate threats in a timely manner because of poor integration. Respondents also say different tools give conflicting information, and cloud-specific tools are both expensive and hard to learn.

"Legacy, on-prem security tools simply aren't designed for the borderless networks most large organizations use today," says iboss cofounder and CEO Paul Martini. "On-prem solutions require all network traffic to be routed through physical security appliances at headquarters, an incredibly expensive and inefficient process."

Sumo Logic found 87% of businesses struggle to use on-prem SIEM in the cloud for several reasons. More than half (51%) say they can't effectively assimilate cloud data and threats, 34% say using on-prem tools in the cloud is too expensive, and 33% say deployment and usage are difficult. Only 17% say they don't struggle to use on-prem SIEM in the cloud.

When the SIEM was originally built, it was intended for security data, says Sumo Logic CSO George Gerchow. It was primarily used by security teams. Now, these systems need to be more transparent so developers and operations employees can access the data. As businesses rely on cloud services like Office 365, Salesforce, and Workday, they're realizing they need to change.

"They're finally starting to learn they need something that's going to be scalable, elastic, and give visibility across modern-day applications," Gerchow explains.

Using on-prem tools in the cloud is expensive, he adds. Collecting data from a cloud-based environment, importing it for analysis, then pushing it back to the cloud is inefficient and costly.

The demands of cloud security are also putting pressure on the structure of security teams. More than 60% of Sumo Logic respondents say cloud security demands broader technical expertise, 54% say they need greater cross-team coordination, and 51% say their staff is overloaded. Overall, 97% of respondents face organizational challenges with cloud security.

Switching to SaaS Security: Why Wait?

Despite the enthusiasm around SaaS applications, around half (49%) of iboss' respondents report they're hesitant to adopt SaaS-based security tools.

"Because they believe every SaaS solution requires them to leverage multi-tenant shared cloud infrastructure, companies are typically hesitant to adopt SaaS security tools due to data privacy concerns," says Martini. Those in industries like financial services and healthcare are also worried about regulatory control, he adds.

However, not switching to cloud-based security will force companies to forgo a lot of benefits provided by SaaS applications. More employees demand the flexibility to use cloud applications to work remotely; using on-prem security tools prevents them from doing this securely.

"A risk in using cloud-based security tools is around knowledge and education," says Gerchow. "We just don't have enough of it out there. Moving to the cloud, [businesses] just don't have the skill sets to understand how these tools work."

Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to cloud can be dangerous.

"In my mind, the biggest risk is, you'll only be looking at part of the environment," he explains. "You're not going to get a holistic, 360-degree view of what's taking place."

The pressure to embrace SaaS security will increase as companies collect larger amounts of data, Gerchow continues. Cloud-based solutions can scale to handle larger data stores. If you're managing workloads in AWS, for example, and scale from 10 terabytes of data, to 40, to 100, you won't be able to secure it all with an on-prem security system.


Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ...

Comments
tdsan,
User Rank: Strategist
4/12/2018 | 12:49:31 PM
People are afraid of change
"Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to the cloud can be dangerous."

This is the most important aspect of the whole document because organizations have not taken the time to fully understand the implications and redesign concepts of the cloud (basically, they have not changed their thinking). In this new ecosystem, the cloud is not the all to end all; if you have problems on-premise, then the same problems are going to resurface in the cloud due to the bad practices and engineering designs companies have employed at their primary locations.

We need to have an external party, someone who is familiar with cloud design/architecture, implementation, integration and data migration principles. First, they would need to perform an assessment, identify any gaps or dependencies associated with the security application, determine (feasibility analysis) if the solution meets their needs, identify costs and then develop a plan to move into that area with a team who is knowledgeable of the intricacies of that CSP (Cloud Service Provider).

If the organizations followed this guidance, then most of the respondents would have a more favorable view of the cloud because it was treated as a project. As history has it, most organizations do not do this: they present the idea to one of their engineers, the engineer has never worked with the provider before, they have to research and figure out how the technology works in the cloud and the cloud application itself, then determine if the application they are used to is provided in the marketplace of that CSP. With all of this, the engineer becomes frustrated and the project is stalled because of the lack of understanding during the inception of the project.

The takeaway from all of this is as follows:
  • Educate specific members of the organization that you design cloud points of contact
  • Engage a third-party entity to help identify nuances with cloud adoption
  • Develop a 5-point plan using "Agile Scrum" methodologies to help with the deployment process - https://goo.gl/7Bvg6s (Gartner Cloud Adoption Plan)
  • Allow for adequate time to train, test, develop, implement, integrate, deploy your solution in the cloud
  • Finally, document lessons learned and document processes along the way allowing for Standard Operating Procedures (SOPs) to be created during this cloud adoption process

If we follow these steps, I do think the move from on-prem solutions to hybrid off-prem solutions would allow for great understanding and awareness during our journey to Enterprise Global Systems design.

Todd - ITOTS Networks, LLC