Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

4/10/2018
05:30 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

On-Premise Security Tools Struggle to Survive in the Cloud

Businesses say their current security tools aren't effective in the cloud but hesitate to adopt cloud-based security systems.

Cloud usage is growing faster than businesses' ability to secure it. While IT pros are quick to point out the benefits of SaaS applications, they are hesitant to adopt cloud-specific security tools. At the same time, their existing security systems are putting cloud-based data at risk.

Most (64%) large organizations say SaaS adoption is outpacing security, reports iboss in its new 2018 Enterprise Cloud Trends report. On average, about one-fifth of enterprise applications are SaaS, and the number is expected to hit 36% per business within the next two- to three years.

All of iboss' respondents say there is at least one benefit to using SaaS applications over physical software. Their reasons include speed (71%), user-friendliness (58%), data storage capacity (49%), heightened productivity (43%), and data accessibility (40%). They are most commonly using SaaS for email (63%), data loss prevention (59%), and file sharing (59%).

Employees expect to use SaaS in the workplace and they'll continue to do so. However, 91% of respondents say their organizations' security policies need to improve if they're going to operate in a cloud environment. One in ten says a "complete overhaul" is needed.

Current Tools Aren't Cutting It in the Cloud

Security in the cloud was a challenge for 97% of respondents in a new global survey by Sumo Logic, entitled 2018 Global Security Trends in the Cloud. Most report a lack of tools, cross-functional collaboration, and resources to gain insight into enterprise security.

Nearly all (93%) respondents have issues using security tools in the cloud. About half (49%) say existing tools aren't effective in their cloud environments, stating too many tools makes it hard to know what to prioritize. Forty-five percent say they can't investigate threats in a timely manner because of poor integration. Respondents also say different tools give conflicting information, and cloud-specific tools are both expensive and hard to learn.

"Legacy, on-prem security tools simply aren't designed for the borderless networks most large organizations use today," says iboss cofounder and CEO Paul Martini. "On-prem solutions require all network traffic to be routed through physical security appliances at headquarters, an incredibly expensive and inefficient process."

Sumo Logic found 87% of businesses struggle to use on-prem SIEM in the cloud for several reasons. More than half (51%) say they can't effectively assimilate cloud data and threats (51%), 34% say using on-prem tools in the cloud is too expensive, and 33% say deployment and usage is difficult. Only 17% say they don't struggle to use on-prem SIEM in the cloud.

When the SIEM was originally built, it was intended for security data, says Sumo Logic CSO George Gerchow. It was primarily used by security teams. Now, these systems need to be more transparent so developers and operations employees can access the data. As businesses rely on cloud services like Office 365, Salesforce, and Workday, they're realizing they need to change.

"They're finally starting to learn they need something that's going to be scalable, elastic, and give visibility across modern-day applications," Gerchow explains.

Using on-prem tools in the cloud is expensive, he adds. Collecting data from a cloud-based environment, importing it for analysis, then pushing it back to the cloud is inefficient and costly.

The demands of cloud security are also putting pressure on the structure of security teams. More than 60% of Sumo Logic respondents say cloud security demands broader technical expertise, 54% say they need greater cross-team coordination, and 51% say their staff is overloaded. Overall, 97% of respondents face organizational challenges with cloud security.

Switching to SaaS Security: Why Wait?

Despite the enthusiasm around SaaS applications, around half (49%) of iboss' respondents report they're hesitant to adopt SaaS-based security tools.

"Because they believe every SaaS solution requires them to leverage multi-tenant shared cloud infrastructure, companies are typically hesitant to adopt SaaS security tools due to data privacy concerns," says Martini. Those in industries like financial services and healthcare are also worried about regulatory control, he adds.

However, not switching to cloud-based security will force companies to forego a lot of benefits provided by SaaS applications. More employees demand the flexibility to use cloud applications to work remotely; using on-prem security tools prevents them from doing this securely.

"A risk is in using cloud-based security tools is around knowledge and education," says Gerchow. "We just don't have enough of it out there. Moving to the cloud, [businesses] just don't have the skill sets to understand how these tools work."

Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to cloud can be dangerous.

"In my mind, the biggest risk is, you'll only be looking at part of the environment," he explains. "You're not going to get a holistic, 360-degree view of what's taking place."

The pressure to embrace SaaS security will increase as companies collect larger amounts of data, Gerchow continues. Cloud-based solutions can scale to handle larger data stores. If you're managing workloads in AWS, for example, and scale from 10 terabytes of data, to 40, to 100, you won't be able to secure it all with an on-prem security system.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for a two-day Cybersecurity Crash Course at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the agenda here. Register with Promo Code DR200 and save $200.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
tdsan
50%
50%
tdsan,
User Rank: Strategist
4/12/2018 | 12:49:31 PM
People are afraid of change
"Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to the cloud can be dangerous."

This is the most important aspect of the whole document because organizations have not taken the time to fully understand the implications and redesign concepts of the cloud (basically they have not changed their thinking). In this new ecosystem, the cloud is not the all to end all, if you have problems on-premise then the same problems are going to resurface in the cloud due to the bad practices and engineering designs companies have employed at their primary locations.

We need to have an external party, someone who is familiar with cloud design/architecture, implementation, integration and data migration principles. First they would need to perform an assessment, identify any gaps or dependencies associated with the security application, determine (feasibility analysis) if the solution meets their needs, identify costs and then develop a plan to move into that area with a team who is knowledgeable of the intricacies of that CSP (Cloud Service Provider).

If the organizations followed this guidance, then most of the respondents would have a more favorable view of the cloud because it was treated as a project, as history has it, most organizations do not do this, they present the idea to one of their engineers, the engineer has never worked with the provider before, they have to research and figure out how the technology works in the cloud and the cloud application itself, then determine if the application they are used to is provided in the marketplace of that CSP. With all of this, the engineer becomes frustrated and the project is stalled because of the lack of understanding during the inception of the project.

The take away from all of this is as follows:
  • Educate specific members of the organization that you design cloud points of contact
  • Engage a third-party entity to help identify nuances with cloud adoption
  • Develop a 5 point plan using "Agile Scrum" methodologies to help with the deployment process - https://goo.gl/7Bvg6s (Gartner Cloud Adoption Plan)
  • Allow for adequate time to train, test, develop, implement, integrate, deploy your solution in the cloud
  • Finally, document lessons learned and document processes along the way allowing for Standard Operating Procedures (SOPs) to be created during this cloud adoption process

If we follow these steps, I do think the move from on-prem solutions to hybrid off-prem solutions would allow for great understanding and awareness during our journey to Enterprise Global Systems design.

Todd - ITOTS Networks, LLC
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Florida Town Pays $600K to Ransomware Operators
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12936
PUBLISHED: 2019-06-23
BlueStacks App Player 2, 3, and 4 before 4.90 allows DNS Rebinding for attacks on exposed IPC functions.
CVE-2019-12937
PUBLISHED: 2019-06-23
apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable.
CVE-2019-12935
PUBLISHED: 2019-06-23
Shopware before 5.5.8 has XSS via the Query String to the backend/Login or backend/Login/load/ URI.
CVE-2019-12933
PUBLISHED: 2019-06-22
An XSS issue on the PIX-Link Repeater/Router LV-WR09 with firmware v28K.MiniRouter.20180616 allows attackers to steal credentials without being connected to the network. The attack vector is a crafted ESSID.
CVE-2019-10028
PUBLISHED: 2019-06-21
Denial of Service (DOS) in Dial Reference Source Code Used before June 18th, 2019.