Originally posted on LinkedIn
This is a complex topic.
There are no easy answers, but the traditional thought is that data kept inside your data center is safe because it's behind the corporate firewall. That used to be true, but no longer. With sophisticated tools and techniques developed over the last 5 years by organized hacker syndicates in places like Eastern Europe, government-sponsored hacker groups, and the rise of hacker ecosystems, pretty much any corporate firewall is now vulnerable.
We've seen multiple recent high-profile breaches like the ones at Target, Home Depot, and Sony, but most people don’t realize just how big the problem really is...
A recent survey conducted by Symantec indicates that cyberattacks against big companies surged by 40% in 2014, and “Five out of six companies employing more than 2,500 people were targets of cyber attacks last year.”
If these are mostly attacks on traditional on-premises enterprise systems, what does this have to do with cloud computing?
The new model is that one has to assume hackers will at some point penetrate the perimeter firewall and security policies must be in place for every node in the network.
With stagnant budgets, IT departments have struggled to develop and retain the security expertise required to put effective controls in place that keep their data secure. This is where cloud and other service providers can help. The way I see it, cloud providers have six major advantages when it comes to security:
- Because security has been such a big issue in cloud computing, cloud providers typically prioritize security higher and invest more resources than the typical enterprise. Cloud technology providers usually build robust security controls in from day one.
- Cloud service providers are targeted far more than traditional enterprises and learn from being involved in these cyberattacks. As a result, they implement controls which are much more stringent than those typically used by enterprise IT departments.
- IT security experts are expensive, and under a service provider model they can be deployed to help multiple companies.
- Cloud providers have the ability to leverage security best practices developed with one customer across their entire customer base.
- The cost to develop security models and tools is spread across multiple customers.
- Companies can tap into a set of best-of-breed IT security partnerships that cloud providers typically develop.
The bottom line is that the people, policies and tools in place to keep your data secure are much more important than the location of the data itself.
Cloud providers are increasingly a key component of companies’ enterprise data security strategy, but IT departments still need to own their overall strategy. Here are some of the key components of a data security strategy:
- Data Encryption: If firewalls are now vulnerable, data needs to be encrypted at rest.
- Access control: SSO and other access controls need to be in place as part of an identity management strategy. In the old model, users inside the firewall were assumed to be trusted. In the new model, users are assumed to be untrusted and strict access control needs to be in place at the device level.
- Governance and Audit: Data should not be available to all personnel, and copies of sensitive data should be tracked and destroyed when no longer needed. Best practices like limiting access to passwords, robust password policies and ensuring that passwords are stored in encrypted data stores are a must.
- Monitoring: Threats coming from both inside and outside the company need to be monitored at the device level.
- Testing: All IT departments should have a rigorous penetration testing strategy for both on-premises and cloud environments.
By working with the right cloud provider, the task of securing your enterprise’s sensitive data can be made easier. Thanks to Jim Page for asking the question that inspired me to write this post.