New Approaches Needed to Address Cloud Security

The shift to the cloud has significantly increased the risks to data security, although the cloud itself is not necessarily to blame. As has been demonstrated, many cloud purchases are made outside the control or oversight of IT, creating a dangerous Shadow IT environment that, when left unmanaged, places corporate data at risk. At the same time, organizations have struggled to adapt their security technologies, with legacy security tools leaving gaps in data security.

In an article on Search Cloud Security, columnist Jaikumar Vijayan spoke with a number of security experts about the challenge traditional security tools have in addressing the risks associated with the cloud environment. Although much of the article looks to a full cloud service adoption, the same struggles apply to the use of SaaS cloud applications, particularly given that the average organization can have up to 841 cloud apps in use.

SANS analyst Dave Shackleford noted  that “among the key security capabilities missing in modern dynamic data centres and clouds are visibility, rapid attack identification and fast, accurate and automated containment.”

Challenges in Cloud Security

Another major note was that cloud infrastructure “will never protect itself” and that relying on in-built security is a major security oversight that many organizations are making.

The article notes that visibility is one of the key challenges in cloud security:

Back when everything was on premises and there was a perimeter around your applications and infrastructure, it was easy to see all of the data flows into and outside of the organization and keep tabs on who was accessing what, where, when and how.

That task becomes more complicated when some of your data and applications are on premises and the rest are in the cloud and people are accessing them from PCs and mobile devices from behind the firewall and from outside.

Visibility, delivered in real-time in a simple cloud-based interface, is what we offer here at Absolute. Absolute DDS offers true visibility into the endpoint: the device, the data it contains, the data held in the cloud, and even the applications themselves. Identify risk conditions and receive a notification if these conditions occur. Scan for sensitive data on the endpoint or on cloud storage applications and tailor your security response based on the results. Validate the status of complementary security applications such as encryption, anti-malware, and SCCM with an automatic zero-touch reinstallation if these applications are tampered with.

With Absolute Data & Device Security (DDS), you can simplify visibility into both the endpoint and the cloud. Learn more at Absolute.com

ABOUT THE AUTHOR

Arieanna Schweber

Arieanna Schweber has been a part of the Absolute writing team since 2007. Arieanna was Canada’s first female professional blogger and has been professionally blogging since 2006 and has spoken at leading blogging conferences including BlogHer and Northern Voice. Arieanna has a joint degree in Business and Communications from Simon Fraser University and continues to build communities for Vancouver-based clients.