Securing the Hybrid Cloud: Data breaches, ransomware, phishing and more
As enterprises continue to develop their hybrid cloud architectures, more sensitive information has the potential to become exposed. Learn about the current compliance issues and how enterprises are approaching their security protocols as their hybrid clouds develop and expand
Managing risk
One of the most reliable methods of securing a hybrid cloud is to use least privilege access where only those workers who need access to specific areas of the network can use specific tools, which in turn, connect to specific datasets.
Endpoint security should also be maintained. The fact that these endpoints expand in a hybrid cloud infrastructure should mean the endpoint security protocols also expand accordingly.
As data is often the target of malicious attacks, in a hybrid cloud environment, full data encryption should always take place as data moves between the public and private components of the cloud. Also, full data backup should be included in your security policy, as cyberattacks can result in losses of data that will need to be recovered.
Also, CIOs and their CTO colleagues faced with a new security landscape that is continually changing as their hybrid cloud deployments expand, are increasingly looking for automated services to help them manage their systems as François Amigorena, CEO and Founder of IS Decisions explained to Silicon:
“We’re seeing an increase in demand from CIOs who want to use automated systems to manage their hybrid cloud storage deployments. This is particularly evident when it comes to data protection. CIOs want technology that can proactively track, audit and report on all access to files and folders — no matter if that access was on on-premises storage or third-party cloud storage like Dropbox for Business, Google Drive, or Box.”
Amigorena continued: “What’s more, CIOs expect to be alerted in real time to any suspicious file activity so that they can do something about it right away. We’re now starting to see separate technology coming into play that provides a consistent view of file access across all storage services with one consolidated dashboard. These systems are also enabling CIOs to delegate the responsibility of administering file access to those that are more actively involved in the organization — those who can make better decisions for what ‘normal’ access looks like, while also making it easier to spot anomalies more quickly.”
This move to more automation was also reiterated by Liviu Arsene, Senior E-Threat Analyst at Bitdefender who commented: “Security automation is also fuelled by the current skill gap and security workforce shortage, which pushes organizations and CIOs to address the gap with technologies designed to alleviate some of that pressure. An added benefit of automated security systems is that it can also reduce operational costs usually associated with staff, while allowing current IT and security teams to focus more on the strategic impact of deploying new security technologies and increasing the overall cybersecurity resilience of the organization to attacks, rather than having them constantly put out fires.”