Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
2/7/2018
09:00 AM
Paul Martini
Paul Martini
Partner Perspectives
Connect Directly
Twitter
RSS
50%
50%

Top Cloud Security Misconceptions Plaguing Enterprises

Contrary to popular opinion, there is no one single cloud. There are a wealth of cloud-based providers that own dedicated server space across the globe. Here's how to find the best fit for your company.

Despite all the buzz over the past decade, the cloud remains a bit of a mystery for many users who rely on it day-to-day. The cloud has made it easy for companies to embrace a number of "as-a-service" technologies seamlessly and lowered cost by eliminating the need to purchase security tools and appliances.

Yet adopting cloud operations blindly – as with any new workflow or technology – comes with risks. This is especially important in the context of how these tools are delivered, and whether they are a good fit for an organization based in specific needs.

All Clouds Are Not Created Equal
For starters, there is not just one single cloud. There are a wealth of cloud-based security providers that own dedicated server space across the globe, and each of their offerings is unique based upon their own business focus and target demographics. The cloud providers operating most widely in the enterprise are shared-tenant cloud environments where customers’ data and information is managed in one database and controlled using the same central operating system.

While a shared environment may not be much of a concern when cloud applications are used for programs such as marketing, that don't involve customer data or other personal identifiable information.  However, there may be significant impacts on enterprises who store and manage customer data in the cloud, for example, when security tools might redirect a customer’s traffic from one jurisdiction to a data center in a location with a different set of compliance standards. If a business operates within an industry that is privy to heavy regulations – especially where geolocation and PII sharing is concerned – they need to be sure their cloud provider isn’t bringing the data to a location that leaves them exposed to noncompliance penalties.

A prime example of this is the increased regulations stemming from Europe’s General Data Protection Regulation (GDPR). The GDPR  – which dictates strict rules about collecting personally identifiable information (PII) – further complicate  the issue of protecting customer data in the cloud. When a customer’s data is in a multi-tenant cloud that is shared, the ability to isolate a customer’s data becomes difficult. Next-generation cloud security solutions are making fast-work of addressing this, by leveraging multi-tenant cloud platforms with non-shared architectures, which give each customer their own operating system for content management and control.

Synchronized Management Workflow
A significant concern when implementing cloud security solutions from a multi-tenant shared cloud provider is that these tools might force organizations to employ a number of non-compatible security solutions, requiring multiple management consoles that create a disjointed workflow. For instance, in situations where organizations are collecting highly sensitive information, they may require an on-premises secure web gateway to ensure that data is isolated from outside traffic. The traditional ‘hybrid’ solution – using cloud-based and on-premises security tools to vet traffic –doesn’t provide a seamless view across the organization, resulting in security blind spots that impact the ability of teams to respond to an incident.

The majority of newer cloud security solutions within the industry decouple the physical from the virtual and provide a multi-tenant cloud with non-shared resources that deliver the best of both worlds. The result is greater visibility across the organization, shorter incident response times and substantial cost savings by avoiding the need to purchase appliances. Businesses need to consider protections that can align their security mission without forcing teams to continually purchase hardware and overcomplicate their security infrastructure. 

Paul Martini is the CEO, co-founder and chief architect of iboss, where he pioneered the award-winning iboss Distributed Gateway Platform, a web gateway as a service. Paul has been recognized for his leadership and innovation, receiving the Ernst & Young Entrepreneur of The ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
Box Mistakes Leave Enterprise Data Exposed
Dark Reading Staff 3/12/2019
How the Best DevSecOps Teams Make Risk Visible to Developers
Ericka Chickowski, Contributing Writer, Dark Reading,  3/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.