Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
2/7/2018
09:00 AM
Paul Martini
Paul Martini
Partner Perspectives
Connect Directly
Twitter
RSS
50%
50%

Top Cloud Security Misconceptions Plaguing Enterprises

Contrary to popular opinion, there is no one single cloud. There are a wealth of cloud-based providers that own dedicated server space across the globe. Here's how to find the best fit for your company.

Despite all the buzz over the past decade, the cloud remains a bit of a mystery for many users who rely on it day-to-day. The cloud has made it easy for companies to embrace a number of "as-a-service" technologies seamlessly and lowered cost by eliminating the need to purchase security tools and appliances.

Yet adopting cloud operations blindly – as with any new workflow or technology – comes with risks. This is especially important in the context of how these tools are delivered, and whether they are a good fit for an organization based in specific needs.

All Clouds Are Not Created Equal
For starters, there is not just one single cloud. There are a wealth of cloud-based security providers that own dedicated server space across the globe, and each of their offerings is unique based upon their own business focus and target demographics. The cloud providers operating most widely in the enterprise are shared-tenant cloud environments where customers’ data and information is managed in one database and controlled using the same central operating system.

While a shared environment may not be much of a concern when cloud applications are used for programs such as marketing, that don't involve customer data or other personal identifiable information.  However, there may be significant impacts on enterprises who store and manage customer data in the cloud, for example, when security tools might redirect a customer’s traffic from one jurisdiction to a data center in a location with a different set of compliance standards. If a business operates within an industry that is privy to heavy regulations – especially where geolocation and PII sharing is concerned – they need to be sure their cloud provider isn’t bringing the data to a location that leaves them exposed to noncompliance penalties.

A prime example of this is the increased regulations stemming from Europe’s General Data Protection Regulation (GDPR). The GDPR  – which dictates strict rules about collecting personally identifiable information (PII) – further complicate  the issue of protecting customer data in the cloud. When a customer’s data is in a multi-tenant cloud that is shared, the ability to isolate a customer’s data becomes difficult. Next-generation cloud security solutions are making fast-work of addressing this, by leveraging multi-tenant cloud platforms with non-shared architectures, which give each customer their own operating system for content management and control.

Synchronized Management Workflow
A significant concern when implementing cloud security solutions from a multi-tenant shared cloud provider is that these tools might force organizations to employ a number of non-compatible security solutions, requiring multiple management consoles that create a disjointed workflow. For instance, in situations where organizations are collecting highly sensitive information, they may require an on-premises secure web gateway to ensure that data is isolated from outside traffic. The traditional ‘hybrid’ solution – using cloud-based and on-premises security tools to vet traffic –doesn’t provide a seamless view across the organization, resulting in security blind spots that impact the ability of teams to respond to an incident.

The majority of newer cloud security solutions within the industry decouple the physical from the virtual and provide a multi-tenant cloud with non-shared resources that deliver the best of both worlds. The result is greater visibility across the organization, shorter incident response times and substantial cost savings by avoiding the need to purchase appliances. Businesses need to consider protections that can align their security mission without forcing teams to continually purchase hardware and overcomplicate their security infrastructure. 

Paul Martini is the CEO, co-founder and chief architect of iboss, where he pioneered the award-winning iboss Distributed Gateway Platform, a web gateway as a service. Paul has been recognized for his leadership and innovation, receiving the Ernst & Young Entrepreneur of The ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
iboss has created the first and only web gateway as a service specifically designed to solve the challenge of securing distributed organizations. Built for the cloud, the iboss Distributed Gateway Platform leverages an elastic, cloud-based node architecture that provides advanced security for todays decentralized organizations with more financial predictability. Backed by more than 110 patents and patents pending, and protecting over 4,000 organizations worldwide, iboss is one of the fastest growing cybersecurity companies in the world. To learn more, visit www.iboss.com.
Featured Writers
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Shhh!  They're watching... And you have a laptop?  
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-3018
PUBLISHED: 2018-05-24
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.
CVE-2013-3023
PUBLISHED: 2018-05-24
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.
CVE-2013-3024
PUBLISHED: 2018-05-24
IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
CVE-2018-5674
PUBLISHED: 2018-05-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2018-5675
PUBLISHED: 2018-05-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...