Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
On-Premise Security Tools Struggle to Survive in the Cloud
Newest First  |  Oldest First  |  Threaded View
tdsan
50%
50%
tdsan,
User Rank: Ninja
4/12/2018 | 12:49:31 PM
People are afraid of change
"Adopting cloud-based security tools may require a learning curve, but Gerchow warns companies that sticking with on-prem tools amid the move to the cloud can be dangerous."

This is the most important aspect of the whole document because organizations have not taken the time to fully understand the implications and redesign concepts of the cloud (basically they have not changed their thinking). In this new ecosystem, the cloud is not the all to end all, if you have problems on-premise then the same problems are going to resurface in the cloud due to the bad practices and engineering designs companies have employed at their primary locations.

We need to have an external party, someone who is familiar with cloud design/architecture, implementation, integration and data migration principles. First they would need to perform an assessment, identify any gaps or dependencies associated with the security application, determine (feasibility analysis) if the solution meets their needs, identify costs and then develop a plan to move into that area with a team who is knowledgeable of the intricacies of that CSP (Cloud Service Provider).

If the organizations followed this guidance, then most of the respondents would have a more favorable view of the cloud because it was treated as a project, as history has it, most organizations do not do this, they present the idea to one of their engineers, the engineer has never worked with the provider before, they have to research and figure out how the technology works in the cloud and the cloud application itself, then determine if the application they are used to is provided in the marketplace of that CSP. With all of this, the engineer becomes frustrated and the project is stalled because of the lack of understanding during the inception of the project.

The take away from all of this is as follows:
  • Educate specific members of the organization that you design cloud points of contact
  • Engage a third-party entity to help identify nuances with cloud adoption
  • Develop a 5 point plan using "Agile Scrum" methodologies to help with the deployment process - https://goo.gl/7Bvg6s (Gartner Cloud Adoption Plan)
  • Allow for adequate time to train, test, develop, implement, integrate, deploy your solution in the cloud
  • Finally, document lessons learned and document processes along the way allowing for Standard Operating Procedures (SOPs) to be created during this cloud adoption process

If we follow these steps, I do think the move from on-prem solutions to hybrid off-prem solutions would allow for great understanding and awareness during our journey to Enterprise Global Systems design.

Todd - ITOTS Networks, LLC


News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31458
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...