Cloud Security
It was estimated that by the end of 2015 90% of UK businesses will be using at least one cloud service with many businesses adopting numerous applications. In short, the cloud is fast becoming the new ‘norm’ of the business world.
A key selling point of cloud computing is that businesses can access data from anywhere. It offers reduced costs, and easier scalability, amongst other benefits.
However, all too often businesses deploy Cloud systems without first considering security; instead relying on their Cloud providers to protect aspects of their infrastructure from cyber-crime.
Yet it would seem Cloud providers have other ideas when it comes to security and it’s your job to know where the Cloud providers’ security responsibilities end and yours begins.
For example, Cloud providers are unlikely to verify the security of your written application layer code since this is clearly your responsibility and not that of your provider. If attackers compromise the data held in the application layer, it is of limited concern to the Cloud provider.
David Howorth, VP EMEA at Alert Logic discussed in a recent interview with IPProPortal the recent security issues businesses are up against and what you can do to protect your business from hack attacks.
‘Top cyberattack methods aimed at cloud deployments grew 45 per cent (Application Attacks), 36 per cent (Suspicious Activity) and 27 per cent (Brute Force attacks) respectively over the previous year, while top attacks aimed at on-premises deployments remained relatively flat. We attribute this increase in cloud attacks as being driven by the overall strong adoption of cloud computing platforms. In other words, cybercriminals are logically attempting to break into a growing number of applications being deployed in the cloud.
So what can we do to protect our business against cyber-attacks?
‘There are a number of steps organisations can take to secure their IT infrastructures. Two key areas of focus are understanding the shared security model and knowing your threat profile. Public cloud computing platforms like AWS and Rackspace provide security controls that typically protect the physical, perimeter network and hypervisor layer but customers carry the responsibility for protecting applications, data and network infrastructure on top of that cloud platform. Cloud platforms as well as traditional, on-premises security tools do not extend to cloud applications. It’s key that you employ security tools and services built in and specifically for the cloud for cloud applications.’
In conclusion, it would seem that many of the security concerns associated with the ‘Cloud’ can be resolved by implementing a proper security policy and not relying on your provider to protect your business for you. Doing so it will give you peace of mind that your data can’t be compromised.
If you are considering a move on to “The Cloud” and want to know more about how to protect your business then please contact us for some free expert advice at 0345 389 2310. Alternatively, if you are already working from the Cloud but just want to make sure you are properly protected, then get in touch and we will be happy to advise you on what is best for your business. You can also visit our Cloud Phone Systems page for more information.
