Data breaches are practically a daily news item in the IT world. They’re impacting every type of business from the small startup to global enterprises. Just this past week, news of breaches impacting popular restaurant brand Panera Bread and Under Armour’s MyFitnessPal health tracking service made headlines as well over 150 million customer records were exposed to unknown malicious parties.
This figure isn’t exhaustive either. While some indirect costs have been considered, others have not. For example, legal fees and the work required to correct the vulnerability that caused the breach, brand recovery efforts such as PR response, and an overall loss of sales as customers turn to alternative companies with better security track records have not been accounted for.
For many firms, the cloud is a secure alternative to a traditional network infrastructure.
The Cloud as a More Secure Alternative
Security is often perceived as a top concern about the cloud when it is one of the primary reasons why companies should go to the cloud. Through 2020, public cloud infrastructure as a service (IaaS) workloads will suffer at least 60% fewer security incidents than those in traditional data centers.
Per Gartner, “Many organizations are paying an opportunity cost by allowing unwarranted fears about security to inhibit their use of public cloud services.” January 2018 Clouds are Secure.
One of the ongoing issues with cloud adoption is the perception among enterprises that the cloud is inherently insecure when compared to on-premise architecture. In fact, a Gartner survey taken in 2014 stated that 63% of organizations identified “security and privacy concerns” as a top inhibitor to public cloud adoption. A year later, the survey again revealed the same percentage citing security concerns.
An Alert Logic report analyzing 2.2 million security incidents over a multi-year period found that enterprises operating on-premise architecture experienced 50% more security incidents than ones that operated exclusively in the public cloud. Hybrid networks, mixing local and remote servers, were more than twice as likely to experience security issues.
Breaches in on-premise architecture are common because virtually every company creating its own in-house solution is reinventing the wheel by establishing the same security practices as the organization next to it, from scratch in many cases.
The cloud offers a unique opportunity. It acts as a series of giant, shared data centers with trained staff using established security practices to ensure that every user has the same access to industry-leading security measures.
Securing the Cloud Means Knowing How to Configure It
The challenges facing organizations with securing the cloud comes down to the proper configuration.
When you hear about a breach involving an organization running on a public cloud service such as AWS or Google Cloud, the culprit is almost always a flaw in how that organization configured their cloud solution.
Tesla was recently affected by a rash of cloud-specific hacks known as crypto jacking. A hacker, or group of hackers, took advantage of an unsecured Amazon S3 storage bucket to gain access to Tesla’s sizable cloud network within AWS. The hackers then used that access to commit cloud resources to mining for cryptocurrency under the radar.
In this case, not only were sensitive materials made accessible to intruders, but the company ended up paying for compute that was utilized to put virtual currency in the pocket of a malicious actor. It wasn’t until RedLock, a third-party security researcher, discovered the hack that Tesla reconfigured its cloud resources and secured their network.
A similar incident occurred involving FedEx and 150,000+ customer documents that were accessed by hackers after it was discovered that another S3 instance. This one was originally configured by a company that FedEx later acquired, and was overlooked and left open for some time until the breach was uncovered by researchers at the Kromtech Security Center. Like Tesla, an unsecured Amazon S3 storage server was found to be the culprit.
These breaches, and an untold number of others like them, come down to knowing how to properly configure the service. The cloud is remarkably secure, especially when organizations choose to utilize the expertise of a knowledgeable broker. Someone that is platform agnostic and able to find the best possible solution that takes into account costs, functionality, and security.
There are many considerations regarding security including unauthorized modification of records, stealing of confidential data, inappropriate use of services [e.g. use of Tesla’s servers for Bitcoin mining], and inappropriate access for users for their level of authority, in addition to the unintended release of personal information.
Security is not just physical security. Strong security procedures include keeping up with the latest software patches at all levels of the architecture, including, but not limited to operating systems, networks, firewalls, databases, and individual applications. It’s a lot to keep up with. Just tracking these requires software applications, tools, and processes to stay on top of all the potential risks in your system.
Security only becomes more complicated with additional facilities (e.g. redundancy and backup) and more people, places, ports, and facilities to maintain.
This is where a knowledgeable broker, like DoubleHorn, can help. With years of experience and up-to-the-minute knowledge of the security landscape of the cloud across numerous top providers, a broker can steer you into the right solution for your organization.
Security breaches are detrimental to a brand’s trust with the public. Not only does it reflect poorly on the business’ reputation, but each incident opens an organization to legal actions and other significant costs that extend well beyond the initial event.
In-house IT resources are an excellent step to creating a secure network both within your organization and in the cloud. However, having a guide at your side that understands the ins and outs of cloud security across multiple providers will better position your organization to prevent costly breaches and other security incidents from setting your business back.
DoubleHorn combines a data-driven approach to security and cost optimization what ensures that your business will not only have a solid data security solution in place but that you will save money while doing so.