Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


05:30 PM
Connect Directly

On-Premise Security Tools Struggle to Survive in the Cloud

Businesses say their current security tools aren't effective in the cloud but hesitate to adopt cloud-based security systems.

Cloud usage is growing faster than businesses' ability to secure it. While IT pros are quick to point out the benefits of SaaS applications, they are hesitant to adopt cloud-specific security tools. At the same time, their existing security systems are putting cloud-based data at risk.

Most (64%) large organizations say SaaS adoption is outpacing security, reports iboss in its new 2018 Enterprise Cloud Trends report. On average, about one-fifth of enterprise applications are SaaS, and the number is expected to hit 36% per business within the next two- to three years.

All of iboss' respondents say there is at least one benefit to using SaaS applications over physical software. Their reasons include speed (71%), user-friendliness (58%), data storage capacity (49%), heightened productivity (43%), and data accessibility (40%). They are most commonly using SaaS for email (63%), data loss prevention (59%), and file sharing (59%).

Employees expect to use SaaS in the workplace and they'll continue to do so. However, 91% of respondents say their organizations' security policies need to improve if they're going to operate in a cloud environment. One in ten says a "complete overhaul" is needed.

Current Tools Aren't Cutting It in the Cloud

Security in the cloud was a challenge for 97% of respondents in a new global survey by Sumo Logic, entitled 2018 Global Security Trends in the Cloud. Most report a lack of tools, cross-functional collaboration, and resources to gain insight into enterprise security.

Nearly all (93%) respondents have issues using security tools in the cloud. About half (49%) say existing tools aren't effective in their cloud environments, stating too many tools makes it hard to know what to prioritize. Forty-five percent say they can't investigate threats in a timely manner because of poor integration. Respondents also say different tools give conflicting information, and cloud-specific tools are both expensive and hard to learn.

"Legacy, on-prem security tools simply aren't designed for the borderless networks most large organizations use today," says iboss cofounder and CEO Paul Martini. "On-prem solutions require all network traffic to be routed through physical security appliances at headquarters, an incredibly expensive and inefficient process."

Sumo Logic found 87% of businesses struggle to use on-prem SIEM in the cloud for several reasons. More than half (51%) say they can't effectively assimilate cloud data and threats (51%), 34% say using on-prem tools in the cloud is too expensive, and 33% say deployment and usage is difficult. Only 17% say they don't struggle to use on-prem SIEM in the cloud.

When the SIEM was originally built, it was intended for security data, says Sumo Logic CSO George Gerchow. It was primarily used by security teams. Now, these systems need to be more transparent so developers and operations employees can access the data. As businesses rely on cloud services like Office 365, Salesforce, and Workday, they're realizing they need to change.

"They're finally starting to learn they need something that's going to be scalable, elastic, and give visibility across modern-day applications," Gerchow explains.

Using on-prem tools in the cloud is expensive, he adds. Collecting data from a cloud-based environment, importing it for analysis, then pushing it back to the cloud is inefficient and costly.

The demands of cloud security are also putting pressure on the structure of security teams. More than 60% of Sumo Logic respondents say cloud security demands broader technical expertise, 54% say they need greater cross-team coordination, and 51% say their staff is overloaded. Overall, 97% of respondents face organizational challenges with cloud security.

Switching to SaaS Security: Why Wait?

Despite the enthusiasm around SaaS applications, around half (49%) of iboss' respondents report they're hesitant to adopt SaaS-based security tools.

"Because they believe every SaaS solution requires them to leverage multi-tenant shared cloud infrastructure, companies are typically hesitant to adopt SaaS security tools due to data privacy concerns," says Martini. Those in industries like financial services and healthcare are also worried about regulatory control, he adds.

However, not switching to cloud-based security will force companies to forego a lot of benefits provided by SaaS applications. More employees demand the flexibility to use cloud applications to work remotely; using on-prem security tools prevents them from doing this securely.

"A risk is in using cloud-based security tools is around knowledge and education," says Gerchow. "We just don't have enough of it out there. Moving to the cloud, [businesses] just don't have the skill sets to understand how these tools work."

Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to cloud can be dangerous.

"In my mind, the biggest risk is, you'll only be looking at part of the environment," he explains. "You're not going to get a holistic, 360-degree view of what's taking place."

The pressure to embrace SaaS security will increase as companies collect larger amounts of data, Gerchow continues. Cloud-based solutions can scale to handle larger data stores. If you're managing workloads in AWS, for example, and scale from 10 terabytes of data, to 40, to 100, you won't be able to secure it all with an on-prem security system.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for a two-day Cybersecurity Crash Course at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the agenda here. Register with Promo Code DR200 and save $200.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
4/12/2018 | 12:49:31 PM
People are afraid of change
"Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to the cloud can be dangerous."

This is the most important aspect of the whole document because organizations have not taken the time to fully understand the implications and redesign concepts of the cloud (basically they have not changed their thinking). In this new ecosystem, the cloud is not the all to end all, if you have problems on-premise then the same problems are going to resurface in the cloud due to the bad practices and engineering designs companies have employed at their primary locations.

We need to have an external party, someone who is familiar with cloud design/architecture, implementation, integration and data migration principles. First they would need to perform an assessment, identify any gaps or dependencies associated with the security application, determine (feasibility analysis) if the solution meets their needs, identify costs and then develop a plan to move into that area with a team who is knowledgeable of the intricacies of that CSP (Cloud Service Provider).

If the organizations followed this guidance, then most of the respondents would have a more favorable view of the cloud because it was treated as a project, as history has it, most organizations do not do this, they present the idea to one of their engineers, the engineer has never worked with the provider before, they have to research and figure out how the technology works in the cloud and the cloud application itself, then determine if the application they are used to is provided in the marketplace of that CSP. With all of this, the engineer becomes frustrated and the project is stalled because of the lack of understanding during the inception of the project.

The take away from all of this is as follows:
  • Educate specific members of the organization that you design cloud points of contact
  • Engage a third-party entity to help identify nuances with cloud adoption
  • Develop a 5 point plan using "Agile Scrum" methodologies to help with the deployment process - https://goo.gl/7Bvg6s (Gartner Cloud Adoption Plan)
  • Allow for adequate time to train, test, develop, implement, integrate, deploy your solution in the cloud
  • Finally, document lessons learned and document processes along the way allowing for Standard Operating Procedures (SOPs) to be created during this cloud adoption process

If we follow these steps, I do think the move from on-prem solutions to hybrid off-prem solutions would allow for great understanding and awareness during our journey to Enterprise Global Systems design.

Todd - ITOTS Networks, LLC
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Zero Trust doesn't have to break your budget!
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-17
In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
PUBLISHED: 2021-06-17
In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF.
PUBLISHED: 2021-06-17
HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.
PUBLISHED: 2021-06-17
An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.
PUBLISHED: 2021-06-17
All versions of package lutils are vulnerable to Prototype Pollution via the main (merge) function.