With January rapidly becoming a distant memory, and as all those New Year good intentions get left by the wayside, I am pleased to report the race to the cloud continues apace. But as enterprises embrace the cloud to help their businesses become more agile and responsive, they invariably encounter more security threats and become more susceptible to breaches from multiple channels. Legacy security technologies simply lag behind, as they just weren’t designed to deal with these threats. So in this complex world, what do we think are the big up and coming cloud security trends? Here we take a look at our top five…
Ransomware – will continue to be a big fear for everyone, and the bad guys continue to come up with new ways of securing their income. Ransomware will begin to be supplemented with ‘extortion attacks’ – we are already seeing attackers holding their victims hostage by threatening to publish compromising data.
Identity theft – the easiest way to get access to data and systems is by stealing or guessing someone’s information and walking in through the front door. Therefore investment in more sophisticated and adaptive multi-factor authentication solutions will become increasingly more important.
CASB and cloud application control (CAC) – with cloud application adoption growing, there has been a big shift in how BYOD endpoints need to be secured and managed. Organizations need greater visibility and better control of the use of cloud apps across all devices, regardless of where users are. Gartner says over 25% of enterprises will trash old security solutions in favour of securing access to cloud-based services using a Cloud Access Security Broker (CASB) or CAC platform.
Increasingly sophisticated hackers and unpredictable employees – put organizations at risk. In some ways we’ve made the job of cyber criminals easier by over complicating how we approach security. Point solutions that only protect against a specific type of threat had their place, but they don’t work together and leave blind spots that can be exploited. We need to see into every corner and every crevice, so there is nowhere for the criminals to hide. CIOs need a single pane of glass that gives them total visibility and control of web, cloud applications and email.
Encryption of cloud data is not a magic bullet – it’s official. Data has left the building and has moved into vast data centers run by some of the largest companies on earth. How do we keep that precious company data safe when prying eyes hidden in a world of VPNs, bulletproof hosting and dark forums are watching? Encryption is often touted as the hero, a technique shrouded in brain melting complexity. But the nature of encryption means it isolates data, keeping it locked up in solitary confinement at a time when data needs to be easily accessible if it’s to have value. You don’t just need encryption – give people the tools to make the most of their data, rather than just locking it up in a bunker.
The cloud landscape is innovating more quickly than discount Macs fly off the shelves at an Apple store sale. And as quickly as it innovates, so too do hackers’ methods to access or steal that data or breach corporate networks. That’s why you, as the IT professional, have to be all over your company’s cloud strategy, and always looking forwards, scanning for the big trends on the horizon.