E-Guide CLOUDS ARE MORE SECURE THAN TRADITIONAL IT SYSTEMS -- AND HERE S WHY

Similar documents
SSL Certificate Management: Common Mistakes and How to Avoid Them

NETWORK-BASED CONTROLS: SECURING THE INTERNET OF THINGS

SUPPLEMENTARY DEFENSES FOR ENDPOINT SECURITY

BRING SPEAR PHISHING PROTECTION TO THE MASSES

ADDRESSING TODAY S VULNERABILITIES

MANAGING ENDPOINTS WITH DEFENSE- IN-DEPTH

Utilizing Windows Server 2012 without the GUI Key workarounds for avoiding the Modern UI

AS ATTACKERS TARGET APPLICATION CODING ERRORS, ARE STATIC ANALYSIS TOOLS THE ANSWER?

PREVENTING PRIVILEGE CREEP

E-Guide WHAT WINDOWS 10 ADOPTION MEANS FOR IT

Server Hardware for Virtualization: Exploring the Options

SECURITY MONITORING: BE EVERYWHERE AT ONCE

WHAT NETWORK VIRTUALIZATION TECHNOLOGY CAN DO FOR YOUR NETWORK TODAY

VMware vsphere Beginner s Guide

Desktop Virtualization: What Windows Managers Should Know

Solid State Storage: Trends, Pricing Concerns, and Predictions for the Future

AUTHENTICATION AND AUTHORIZATION: TWO SECURITY ESSENTIALS THAT WORK TOGETHER

KNOW THE FEATURES OF WINDOWS SERVER 2012 R2

10 Cloud Storage Concepts to Master

BEST PRACTICES TO PROTECTING AWS CLOUD RESOURCES

LESSONS LEARNED FROM AN OFFICE 365 MIGRATION

E-Guide BENEFITS AND DRAWBACKS OF SSD, CACHING, AND PCIE BASED SSD

Identify and Eliminate Oracle Database Bottlenecks

TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS

Requirements for virtualizing Exchange Server 2010

Best Practices for the Hybrid Cloud

Storage Virtualization Explained

SDN Technologies Primer: Revolution or Evolution in Architecture?

Evaluating the Security of Software Defined Networking

Disaster Recovery Planning: Weighing your customer s options

BUYING SERVER HARDWARE FOR A SCALABLE VIRTUAL INFRASTRUCTURE

E-Guide DATABASE DESIGN HAS EVERYTHING TO DO WITH PERFORMANCE

Disaster recovery planning for health care data and HIPAA compliance regulations

An introduction to the VDI landscape

ADOPTING FIDO SearchSecurity

A primer to SQL Server 2012

STORAGE NETWORKING TECHNOLOGY STEPS UP TO PERFORMANCE CHALLENGES

The Emergence of SDN in WLAN

Protecting This House: IT s Role in Cloud Security

Backup solutions for today s Data Center

Cyber Security. It s not just about technology. May 2017

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

Vista Deployment: What s in the Box and What s Not

Event insight: Key takeaways from Cloud Expo Europe and Data Centre World

Understanding the Value behind Enterprise Application-Aware Firewalls

DDoS: Evolving Threats, Solutions FEATURING: Carlos Morales of Arbor Networks Offers New Strategies INTERVIEW TRANSCRIPT

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

E-Guide CLOUD COMPUTING VS. VIRTUALIZATION

E-guide CISSP Prep: 4 Steps to Achieve Your Certification

KNOWLEDGE GAPS: AI AND MACHINE LEARNING IN CYBERSECURITY. Perspectives from U.S. and Japanese IT Professionals

Product Security Program

Business White Paper. Healthcare IT In The Cloud: Predicting Threats, Protecting Patient Data

Supercharge Your SIEM: How Domain Intelligence Enhances Situational Awareness

TechTarget s Client Consulting Services: Committed to maximizing your marketing ROI

Device Discovery for Vulnerability Assessment: Automating the Handoff

The New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments

Security-as-a-Service: The Future of Security Management

Clarity on Cyber Security. Media conference 29 May 2018

Modern Database Architectures Demand Modern Data Security Measures

The Convergence of Security and Compliance

NINE MYTHS ABOUT. DDo S PROTECTION

Best Practices in Securing a Multicloud World

IT & DATA SECURITY BREACH PREVENTION

THALES DATA THREAT REPORT

in PCI Regulated Environments

WHITE PAPER. Best Practices for Web Application Firewall Management

Optimizing Infrastructure Management with Predictive Analytics: The Red Hat Insights Approach

Understanding IT Budgets

White Paper: Backup vs. Business Continuity. Backup vs. Business Continuity: Using RTO to Better Plan for Your Business

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

You will discuss topics related to ethical hacking, information risks, and security techniques which hackers will seek to circumvent.

Building a Threat Intelligence Program

Cyber security tips and self-assessment for business

Roadmap to the Efficient Cloud: 3 Checkpoints for the Modern Enterprise

Building cyber resilience into our railway s DNA. Matthew Simpson. Technical Director, Cyber Security

The Evolution of Threat Detection and Management

9 myths about moving to the cloud. What small and medium-size businesses need to know about moving to Microsoft Office 365

A practical guide to IT security

VARONIS CASE STUDY. Kirton McConkie. A Financial Services Design And Distribution Firm

Spotlight Report. Information Security. Presented by. Group Partner

Automating IT Asset Visualisation

E-Guide UPDATE YOUR APPLICATION SECURITY POLICY AFTER HEARTBLEED

As Enterprise Mobility Usage Escalates, So Does Security Risk

Tripwire State of Container Security Report

CATCH ERRORS BEFORE THEY HAPPEN. Lessons for a mature data governance practice

CLOUDALLY EBOOK. Best Practices for Business Continuity

A company built on security

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Automated Firewall Change Management Securing change management workflow to ensure continuous compliance and reduce risk

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

DHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1

Cybersecurity Session IIA Conference 2018

Go Cloud. VMware vcloud Datacenter Services by BIOS

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

White Paper. Closing PCI DSS Security Gaps with Proactive Endpoint Monitoring and Protection

Backup Appliances: Key Players and Criteria for Selection

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

E-Guide DATA MIGRATION BEST PRACTICES

COUNTERING CYBER CHAOS WITH HIPAA COMPLIANCE. Presented by Paul R. Hales, J.D. May 8, 2017

THREAT DETECTION METHODS AND BEST PRACTICES

Transcription:

E-Guide CLOUDS ARE MORE SECURE THAN TRADITIONAL IT SYSTEMS -- AND HERE S WHY

P aranoia has crept into many organizations due to the cloud computing approach, and how it feels insecure with your data stored on servers and systems that you don t own or control. However, control doesn t mean security the physical location of your data matters less than the means of access. This e-guide points to cloud security research that highlights how clouds are generally more systems. Systems built without a strong security strategy won t be as secure, whether they are cloud or not. Learn 3 steps that will help you focus on a well-defined and executed security strategy with the right enabling technology. PAGE 2 OF 7

CLOUDS ARE MORE SECURE THAN TRADITIONAL IT SYSTEMS -- AND HERE S WHY A strong-held belief in traditional IT security over cloud is faltering as studies find that data location matters less than accessibility. I speak to many in traditional IT that I call the folded arms gang. These are IT executives who need to address the use of cloud computing -- typically because the CEO or their board of directors is demanding it -- but feel that cloud computing still has too many shortcomings. They want to hear about cloud computing, but they don t believe in its use. The good news is that the folded arms gang has lost many members as cloud computing proves its value. However, the argument around security and privacy issues in the cloud still comes up often. While there is a certain amount of emotion, and sometimes politics, at play, you must educate those in enterprise IT around the real issues and the real risks. Indeed, I ve been finding that clouds are more systems, generally speaking. According to Alert Logic s Fall 2012 State of Cloud Security Report, the variations in threat activity are not as important as where the infrastructure PAGE 3 OF 7

is located. Anything that can be possibly accessed from outside -- whether enterprise or cloud -- has equal chances of being attacked, because attacks are opportunistic in nature. The report further finds that Web application-based attacks hit both service provider environments (53% of organizations) and on-premises environments (44%). However, on-premises environment users or customers actually suffer more incidents than those of service provider environments. On-premises environment users experience an average of 61.4 attacks, while service provider environment customers averaged only 27.8. On-premises environment users also suffered significantly more brute force attacks compared to their counterparts. Clearly, there are myths that cloud computing is inherently less secure than traditional approaches. The paranoia is due largely to the fact that the approach itself feels insecure, with your data stored on servers and systems you don t own or control. However, control does not mean security. As we ve discovered in this report, and in incidences over the last several years, the physical location of your data matters less than the means of access. This is the case for both cloud-based systems and traditional enterprise computing. Moreover, those who build PAGE 4 OF 7

cloud-based platforms for enterprises typically focus more on security and governance than those who build systems that will exist inside firewalls. Systems built without the same rigor around security won t be as secure, whether they are cloud or not. So, the best practice here is to focus on a welldefined and executed security strategy with the right enabling technology. Don t focus as much on the platform. THE GUIDANCE I TYPICALLY PROVIDE INCLUDES THREE STEPS: 1. Understand your security and governance requirements for a specific system and/or data store. Many of those who deploy security around cloud or traditional systems don t understand what problems they are attempting to solve. You need to define those up front. 2. Understand that controlling access is much more important than the location of the data. Look at how the data is accessed, and look specifically at opportunities to breach. Again, most of the data breaches occur around finding vulnerability, no matter if it s cloud-based or on-premises. PAGE 5 OF 7

3. Finally, vulnerability testing is an absolute necessity, no matter if you re testing the security of cloud-based or traditional systems. Untested systems are unsecured systems. I suspect that we ll think differently around security and the cloud as we deploy more public cloud-based systems and data stores and the world does not come to an end. However, without the right amount of planning and good technology, cloud-based platforms can become risky. Same goes for your existing enterprise systems. No free lunch here. PAGE 6 OF 7

FREE RESOURCES FOR TECHNOLOGY PROFESSIONALS TechTarget publishes targeted technology media that address your need for information and resources for researching products, developing strategy and making cost-effective purchase decisions. Our network of technology-specific Web sites gives you access to industry experts, independent content and analysis and the Web s largest library of vendor-provided white papers, webcasts, podcasts, videos, virtual trade shows, research reports and more drawing on the rich R&D resources of technology providers to address market trends, challenges and solutions. Our live events and virtual seminars give you access to vendor neutral, expert commentary and advice on the issues and challenges you face daily. Our social community IT Knowledge Exchange allows you to share real world information in real time with peers and experts. WHAT MAKES TECHTARGET UNIQUE? TechTarget is squarely focused on the enterprise IT space. Our team of editors and network of industry experts provide the richest, most relevant content to IT professionals and management. We leverage the immediacy of the Web, the networking and face-to-face opportunities of events and virtual events, and the ability to interact with peers all to create compelling and actionable information for enterprise IT professionals across all industries and markets. PAGE 7 OF 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback