Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

the cloud

Visibility and control in the public cloud is possible – And it must be unified and contextual

960 640 Stuart O'Brien

By Josh WIlliams, Senior Sales Engineer, Cloud and Automation Solutions at FireMon

Anyone who works in enterprise technology has heard the joke that the cloud is just someone else’s computer. But if we’re being serious, there’s some logic to letting security professionals see cloud instances as just another computer to be viewed as part of their growing network infrastructure. 

We also know the public cloud is different when it comes to security. A key theme from our annual State of Hybrid Cloud Security survey two years running is there’s a lack of clarity around shared security responsibility for public cloud platforms that are being rapidly adopted at the pace of business. Every platform, including Amazon Web Services (AWS), Microsoft Azure or Google Cloud, does security configuration differently, and every FireMon customer is unique when it comes to what they opt to put in the cloud — computing, storage and networking — and what they keep on-premise. 

For the foreseeable future, most enterprises are going to have a hybrid environment, and security professionals want to see any public cloud instance as a piece of the overall puzzle, not a separate puzzle, or worse yet, several puzzles. They need complete visibility, especially as hybrid clouds continue to scale, so they can keep a handle on complexity. 

Public cloud adds security pain points that must be solved 

Extending FireMon’s capabilities to the cloud is a necessary and inevitable next step for addressing the pain points security executives must address as organizations embrace cloud-first strategies and their own digital transformation agenda.  

Security professionals are tasked with applying controls and enforcing governance in public clouds to meet compliance obligations and mitigate risk just as they do with legacy and on-premise infrastructure. Security teams are also expected to enable access to cloud applications without becoming a barrier to the business while still maintaining network and security hygiene. The frequent and rapid changes that are today’s norm must also be managed and documented within budget and resources constraints, including staff that are often stretched too thin. 

These pain points impact several members of the C-suite, including CISOs and CIOs focused on security and compliance in the public cloud, CIOs focused on network infrastructure and operations, and the Chief Digital Officer driving digital transformation efforts. More broadly, the growing complexity and scale of hybrid clouds affect network operations leaders, DevOps, application teams and lines of business, who all face pressure to increase their speed of delivery. 

The proliferation of public cloud instances adds even more complexity and diversity to an infrastructure that now encompasses on-premise data centers, virtualized environments, software defined networks and the public cloud. Visibility across this dynamic environment is paramount if security teams are to enforce policy-driven control continuously across the entire hybrid environment as frequent changes are made. 

Right now, customers find themselves doing all this with multiple tools with no unified user interface for managing different deployments, and little to no automation. They are constantly having to find the right piece to a puzzle that’s always changing as workloads migrate to the public cloud, often quickly and without the proper guardrails in place because it’s so easy for business users to spin up a new application. Even with automation, checks and balances must be put in place to make sure the organization isn’t exposed to new security risks. Most of all, applying security can’t be an afterthought; customers are looking to automate their entire policy management workflow continuum, not just the last mile policy push. 

View public cloud security with context 

FireMon’s solution to the pain points amplified by the growing scale and complexity of hybrid cloud doesn’t mean we’re shifting our focus to cloud only, nor is it to introduce products specifically for cloud platforms. Rather, our strategy is to extend visibility to the commonly deployed public cloud platforms our customers need to see and manage. In all seriousness, a public cloud instance must be seen as just someone else’s computer on the network, but with the context security teams need. 

FireMon is essentially extending intelligent security automation so customers can see the cloud the way they’ve been able to see their on-premise infrastructure. But because each public cloud is different when it comes to configuring security, we’ve done the necessary remodeling work behind the scenes to give customers the visibility they want with the context they need. We support workload migrations to public cloud platforms such as Azure and AWS by normalizing and unifying security policies, so customers are compliant throughout any change process. 

FireMon didn’t need to become a cloud vendor to offer a single, infrastructure-agnostic platform to design, implement, and validate security policies across the environment. Not only does extending our security management platform for on-premises and the data center to public cloud make it unique, it also negates the need for customers to license multiple products for different deployment models.  

Hosted Security Landscape Report: Key insights for 2020

960 640 Stuart O'Brien

A new whitepaper has detailed market analysis of attitudes towards cloud adoption and purchasing behaviours behind hosted physical security from 1000 IT decision makers from across Europe.

The in-depth survey, undertaken by Morphean, a provider of hosted security solutions, illustrates a market that has overcome initial concerns about cyber-security, has understood the clear benefits and will be seeking to adopt such solutions at pace in 2020.

The independent survey of key decision makers within companies from UK, France and Germany with more than 50 employees clearly shows better security, cost benefit and better functionality to be the most influential factors and the most commonly realised benefits of hosted security solutions including video surveillance as-a-service (VSaaS) and access control as-a-service (ACaaS). These solutions are part of a cloud security market that is expected to grow from USD 4.1 billion in 2017 to USD 12.7 billion by 2022, at a CAGR of 25.5%.

The ‘2019 Landscape Report: Hosted Security adoption in Europe is the second study of its kind by Morphean, and facilitates a better understanding of market trends with comparative data from 2018. It revealed that 84% of IT managers are currently using (48%) or considering using (36%) a hosted security solution, which is broadly consistent with the 89% who said they would consider such a solution last year. It also shows that better security ranked #3 among the main benefits realised by the cloud (44%) compared to 27% in 2018; representing a 63% increase in the year and shift in perception around cyber security concerns.

2019 key survey findings include:

  • Better security, cost benefit and better functionality are viewed as the most influential factors AND the most commonly realized benefits of hosted security solutions 
  • Half of respondents cited better security as the #1 benefit of using VSaaS / ACaaS; better functionality (42%) and cost benefits (38%) placed #2 and #3 respectively
  • Half of IT managers have identified data / information security as a priority for improvement in the next 12 months
  • 84% of IT managers are currently using (48%) or considering using (36%) a cloud-based video surveillance or access control solution
  • Of those still considering VSaaS and ACaaS, 79% anticipate introducing these solutions to their business within 12 months
  • 77% of IT managers report that physical security is not optimized; 20% have identified physical security as a priority for improvement in the next 12 months

Rodrigue Zbinden, CEO, Morphean, said: “Our research clearly points to a market that is overcoming initial concerns about cybersecurity, understands the clear benefits of hosted services and reflects growing confidence and purchase intent for 2020. The increased appetite for hosted security presents an opportunity for us to work with businesses to help them improve their physical security, while also educating them on the potential business intelligence benefits offered by surveillance and access control solutions when integrated in the cloud.”

The growing confidence in cloud seems to translate into more positive purchasing intentions around hosted security solutions with 77% of IT managers reporting that physical security is not currently optimized and one in five identifying it as a priority for 2020. Of those considering hosted security solutions, 4 in 5 (79%) anticipate introducing them to their business within a year. While this clearly represents an opportunity for the IT reseller community to enhance its service offering, the report does highlight two trends that may inhibit growth; the first being the physical securityindustry’s ability to adopt the as-a-service business model; the second is system integration with emergent technology such as AI.

Alex Hilton, CEO of The Cloud Industry Forum, added: “With cloud technology we have a toolset that changes the way businesses think and act, ensuring a competitive landscape for years to come. Morphean’s latest research reveals that decision makers are seeing better security, cost benefits and improved functionality as a result of a switch to cloud-enabled security solutions. Cloud presents very real opportunities, but vendors need to hone their offerings and capabilities in order for its full potential to be realised across all markets and sectors.”

The Morphean survey also found that there has been a 5% drop in cloud investment over the past year. In 2018, 33% of the IT budget was spent on cloud services over the previous 24 months and this figure has dropped to 31.38% for 2019. This is in spite of the fact that the majority of respondents (78%) had said that they expected cloud related spending to increase due to the favourable benefits it presents. It’s not the only contradiction found in the report.

Cloud is key to driving operational performance, and yet 78% of IT managers felt that this area of the business was underperforming while only 36% identified it as a priority for improvement.

Cybersecurity’s biggest asset: Why use the cloud?

960 640 Guest Post

The cloud is one of those hot buzzwords that gets thrown around a lot both in the tech world and in our daily lives.

No longer reserved for IT departments alone, the cloud has become something that we depend upon greatly, especially in the way companies go about their business. And it’s about to become even more important.

In fact research shows that companies are looking to drastically increase their investment in the cloud in the coming years. Morphean recently conducted an independent survey of more than 1500 IT decision makers across Europe to discover their views on cloud services. The survey reported:

  • 78% expect their spending on the cloud to increase in the next two to five years
  • 47% said their internal data would be cloud processed within the same time frame
  • 45% said they would definitely consider migrating their physical security systems, such as video surveillance, to the cloud

There’s no doubt that the cloud is becoming a more important part of everyday business dealings, but some people still have reservations about the safety of this storage system, and whether or not it is worth it. We believe it is, and let us tell you why. 

But what exactly is the cloud?

Short for ‘cloud computing’, the cloud is essentially a terrestrial home for your data. So instead of being stored on the computer in front of you, it’s stored somewhere else, or in multiple places, and it is up to a network of servers to take you to it.

Some everyday examples you may recognise include the Apple iCloud, Dropbox, Google Drive, Microsoft OneDrive, and even Netflix.

Is the cloud the future of cybersecurity?

Unfortunately, the cloud has received some negative press in the last few years in regards to security and safety. In fact, according to the Morphean survey, 45% of people cited security risks as being their biggest obstacle to instigating a full move across to the cloud. 

The only way to truly protect your information is to lock it up underground, but you can rest assured that the cloud is far safer than information stored on a local device. Cloud computing services have more complicated security methods in place than the average computer owner can come up with. Any wannabe hackers would then have to get past the cloud system’s first line of defence; encryption.

Encryption is the practice of using complex algorithms to protect your data. In order to get past these algorithms, the hackers would need something called an encryption key. 

But it’s not all down to these intricate and convoluted systems. In fact one of the biggest threats to cloud security is the barriers set by individual people. In other words, easy-to-guess password and security questions. 

Above we talked about negative press aimed at the cloud over the past few years, most notably the infamous Apple hack where celebrities had photos stolen and leaked. The media reported that the cloud had been hacked, which led to a drop in public confidence and has no doubt contributed to people’s existing fears. In reality the cloud itself wasn’t hacked, but rather the accounts of individuals who used the cloud to store their data.  

The truth is that the cloud is incredibly safe and secure, but it’s up to individual users to do their part. That means choosing strong passwords by adding letters, numbers and symbols, using different passwords for different accounts, and avoiding using passwords that relate to your personal life.

But if that’s not enough to convince you of the cloud’s excellent security systems, did you know that online retailing giant Amazon runs its entire business off of its own cloud service, AWS? 

Other benefits of using the cloud

It’s not only the increased security that comes along when you start using the cloud. Here’s a few more that you can expect for your business.

Continuity

No matter what kind of industry you are in, having a continuity plan in place is vital for protecting your sensitive data and systems. Disasters can strike at any time and for a whole multitude of reasons, ranging from the weather and natural disasters to power failures. By having your information stored off-site in the cloud, you can rest assured that it is backed up and protected in a secure and safe location. Even if you have to move office, you will be able to access and download your data from any location with internet, therefore minimising your downtime and avoiding loss of productivity.

Working flexibility

The world is getting smaller. Not literally of course but modern technology is drastically reducing businesses’ needs for a physical office with staff present 100% of the time. The cloud helps to make this even more possible by granting flexibility in staff’s working practices. Once employees are able to access their work from home, on their commute or even on holiday – anywhere with an internet connection – suddenly the whole world is your office.

Scalability

When it’s time to scale your business up, purchasing and installing upgrades to your storage needs can be both expensive and incredibly time consuming. But when you work with the cloud, everything can be done quickly to suit your exact needs. Whoever provides your cloud computer services will be able to handle all upgrades for you, leaving you free to get on with the important task of running your business.

It’s natural for any business owner to be concerned about the safety and security of their important data. Your business is your baby, and you of course want to protect it. The cloud is undoubtedly the best option and as research shows, more and more businesses will be placing their trust in this extraordinary technology, for more than its safety benefits, to further their growth and secure a strong future.

Image by Patricia Alexandre from Pixabay

INDUSTRY SPOTLIGHT: EveryCloud – Email Security

960 640 Stuart O'Brien

EveryCloud partners with Gartner and Forrester cloud security leaders to access, compare and improve your cloud security capabilities.

We assist you to build combined solutions from products that suit your needs and goals and assist with GDPR data protection compliancy. From Cloud Access Security (CASB), Identity Access Management (IAM) and Email & Web Security, our solutions offer you the full protection and control to keep your business safe.

Solution Focus:

We assist business’ to secure their mailbox and not just their email server! Providing up to the minute intelligence and protection from mature and emerging threats.