Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Cybersecurity

    Recognizing the Right Stuff in Cloud Security

    By
    Michael Hickins
    -
    November 26, 2019
    Share
    Facebook
    Twitter
    Linkedin
      eweek.logo.DataPoints-UPDATE

      A plethora of cybersecurity breaches at both public and private sector entities over the past few months shows not only how far the industry has to go to shore up its defenses, but how much more sophisticated attackers have become, and how much more sophisticated they will likely get.

      Many businesses have now concluded–-correctly, most experts believe–-that cloud computing offers a greater level of security than on-premises data centers managed by the businesses themselves. After all, cybersecurity is not core to what most companies do (and even those who live by the mantra that “every company is a technology company” didn’t sign up for the arduous, tedious and thankless work of securing data); even having the right tools and technology isn’t enough given that great talent is in such short supply.

      Cloud providers can generally provide a greater level of security because security is (or should be) their business, and because chances are that they employ the best talent for this purpose. Yet not all clouds are created equal, and businesses should look closely under the hood to see what those differences are.

      Businesses should consider the following six characteristics of any cloud provider to determine whether they have the right security stuff to help ensure their data remains safe and ahead of the cyber threat curve:

      Data Point No. 1: Design Principles

      Many cloud vendors offer only a portion of a complete computing and storage stack, which is why, in many cases, they cannot guarantee the security of their customers’ systems. Infrastructure-only providers don’t have–and thus can’t control-the platforms or application layers used by their customers.

      Others only provide platforms and applications but don’t control the infrastructure.

      Customers should look for providers who control all aspects of the cloud: infrastructure, platforms, as well as application layers. They should also look for providers who have proven that security isn’t an afterthought, but part of their fundamental design philosophy.

      Applications, platform and infrastructure should all be designed with security and functionality in mind, in equal measure. One specific design principle to look for is that of isolation. Most providers allow customer data and the control code used to manage the cloud to exist in the same server–which is a prime opportunity for bad actors to pose as customers and then use malicious software to manipulate the cloud’s control code.

      Look for vendors using next-generation cloud infrastructure, in which the control code is isolated from customer data, so that no customer data can ever affect the control code.

      “Customers should consider working with cloud providers who have security as the most important design element, period, not just a high priority or an add-on but as the top priority above everything else,” said Wim Coekaerts, Senior Vice President of Software Development at Oracle. “Autonomous capabilities are a requirement to address proactive and reactive handling of cloud and cybersecurity issues.”

      Data Point No. 2: Patching

      Unpatched software is the root cause of many, if not most, big cybersecurity breaches. Thus, applying security fixes in a timely manner is fundamental to overall security. Yet in complex systems, applying security fixes takes time and often requires systems to be taken offline for hours at a time–hardly ideal for any business that relies on processing transactions in a timely manner.

      It’s also important that those security fixes be applied without the end user being aware of it happening or suffering material downtime. Autonomous patching can apply software updates and security fixes as soon as they are available, without need for system shutdowns.

      Data Point No. 3: Configuration

      Cloud users often leave themselves exposed to potential hacks by leaving server ports open when doing so is not optimal. Or they leave computing or storage resources running even though they are no longer needed or in use. Bad guys can gain entry via these fallow resources and then more easily penetrate critical, running systems.

      A modern cloud provider that can help spot unused-but-still-operating computing resources and proactively shut them down, which can dramatically lessen the attack surface that hackers can attack, helping customers maintain a more secure stance.

      Cloud providers should also help ensure that the permissions on data access are secure by default by enforcing a rule that documents in object storage are never publicly accessible, and should automatically detect if certain permissions have changed which could potentially expose a system or data, and send alerts whenever that is the case. 

      Data Point No. 4: Encryption

      In addition, cloud providers that mandate that encryption is on by default both for primary and back up databases make it harder for bad guys to steal usable information.

      And, adoption of pervasive always-on encryption, for both data at rest and data in transit, means that even if hackers do get their hands on data, it will more likely be gibberish.

      Data Point No. 5: Emerging Technology

      Thus far, machine learning and artificial intelligence are not deployed broadly to help cloud providers with early detection of malicious code and unusual patterns and activities that threaten customer data.

      That is changing in the face of the cybersecurity hacking onslaught. But it’s important to remember that the best cloud provider needs more than top flight AI expertise. The optimal provider needs both a deep knowledge of what large business workflows look like, as well as the ability to use AI to spot possibly malignant activity before it gets painful.

      Data Point No. 6: Summing it Up

      A provider that can offer a solid one-two punch of historical enterprise experience and modern technology expertise is a winning proposition for customers looking for a highly secure cloud to entrust with their key business data and workloads.

      Business customers should look for a cloud provider that will act as a full partner, not a passive participant who takes customers’ money in exchange for access to a raft of cloud servers. Likewise, cloud providers need to see themselves as full partners with customers when it comes to deploying and securing those all-important business workloads.

      Michael Hickins is a former eWEEK and Wall Street Journal editor and reporter who now works at Oracle. This report is special to eWEEK.

      Michael Hickins
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×