Cloud security is no longer an afterthought
- 17 November, 2020 16:15
The cloud is a necessary solution for many companies but it also offers up challenges, as well. Today, infosec professionals are faced with navigating the fine line between the two as organisations shift their workload to the cloud, often faster than originally planned, due to a pandemic that left employees working in remote locations.
Before the pandemic, the shift to cloud and hybrid environments was progressing rapidly but there wasn’t the instant pressure to do so that came with the arrival of COVID-19. People began working from home in droves, and the cloud infrastructure was no longer adequate. In fact, it is estimated the typical IT infrastructure is enlarging by 29% per cent, driving the need for more security.
A report from cybersecurity and anti-virus software company, BitDefender, says 50% of organisations had no contingency plan to address a situation such as COVID-19. This was aggravated by a massive increase in cyberattacks during the pandemic, according to 86% of respondents surveyed for the study.
IT security teams now have to deal with problems that would have been impossible to anticipate only a year ago. By far, the most significant issue is associated with remote workers, who drive the need for cloud-based solutions.
It’s not just a problem, but a massive hurdle for SOCs everywhere.
There were always problems associated with bring your own device (BYOD), but it’s now approaching the new norm, as many people use personal devices in the same network as work computers. According to BitDefender, the pandemic has prompted a 114% jump in remote workers and a 59% increase in BYOD policy adoption.
The rapid shift to cloud-centric operations, for both the corporate network and its accompanying security, took organisations by surprise. Even though security struggled, at times, to keep up, companies moved on with cloud migration.
The use of Internet of Things (IoT) devices wasn’t surprising, but the lack of security around them was. Security professionals now deal with a massive increase in attacks coming from IoT bots. Dealing with IoT attacks has switched from occasional events to run-of-the mill daily occurrences.
Learning from past experiences and planning for the future is a cornerstone of cybersecurity and the top three challenges for enterprise IT security teams are clear, according to BitDefender. The most direct threats to companies whether they choose a cloud-based approach, on-premise or a hybrid of the two, are: An increased volume of threats and security incidents; insufficient secure remote access/virtual private network (VPN) capacity; and increased risks due to unmanaged devices.
Outside of these immediate threats there is a potential security nightmare looming – misconfigurations such as open ports or default passwords.
Figuring out how to protect a cloud-based infrastructure is a complex proposition. When coupled with the rise in security incidents associated with remote-work conditions, IT decision-makers have begun warming up to cloud security.
Using the largest security intelligence cloud, with more than 500 million machines protected, the Bitdefender Global Protective Network performs 11 billion queries per day and uses machine learning and event correlation to detect threats without slowing down users. Organisations looking to protect their cloud deployments have instant access to this resource.
Moving operations to the cloud has been a challenge for many years, but at least it was happening at its own pace. Even though security is always a top-of-mind issue in cloud deployment, the pandemic made that decision for organisations that are now hurrying to protect remote workers and minimise the attack surface by choosing the right security for the cloud.
