Story image

What the channel needs to know about cloud security

24 Apr 2017

The benefits of cloud computing are undeniable and it’s changing the way we consume, share, and use digital information. The cloud makes access to information and computing power easier, faster and more scalable, but it fundamentally changes the way we have to think about cyber security.

As cloud adoption is accelerating rapidly, resellers are, in turn, busy migrating infrastructures for their customers. However, many resellers are failing to consider how security has to change as part of this migration.

Many customers simply extend the existing perimeter security to the cloud by routing all of their traffic back from the cloud through the on-premise perimeter security. This approach is inefficient and doesn’t take into account the new architecture the cloud delivers. There is a clear opportunity for partners to educate and consult to their customers, specifically about how moving to the cloud needs a different security approach.  

How much security is sufficient for the cloud?

There is an assumption the security provided as part of a cloud ‘package’ is sufficient. However, in many cases the level of security provided is inadequate to deal with the myriad viruses and security breaches which are on the rise.

Telstra’s Cyber Security Report 2017 found that almost 60% of local organisations surveyed detected a security incident on at least a monthly basis in 2016.

The report also found that more than half of all businesses experienced a ransomware attack last year – 30% of Australian businesses surveyed have had a business email compromise and the number of Distributed Denial of Service (DDoS) networks attacks are up by more than 200%.

Not adjusting your security approach as you migrate to virtual and cloud environments can lead to security gaps, lost ROI, performance lag and difficulty proving compliance.

As a reseller, you need to understand the opportunities and risks of cloud computing, and how to make the move that’s right for your customer. Having the right security strategy can help your customers take advantage of the amazing potential of the cloud to control their data, maintain compliance and decrease costs. In order to do so though, you’ll need to provide them with a solid security foundation that spans all of their platforms – physical, virtual and cloud.

Elastic security

The best practice solution is to provide smarter protection that travels with your customers’ data as it moves across physical, virtual and cloud environments. Security in the cloud is a shared responsibility. That means customers and cloud service providers must work together to protect applications and data, meet compliance regulations, and ensure business continuity. If their security doesn’t go beyond the native cloud, then they probably are not meeting their shared responsibility. You can increase overall protection and reduce administration by building elastic security into your cloud architectures.

When selecting a security provider, resellers should be considering security capabilities that are completely integrated with cloud services such as Amazon Web Services (AWS), Microsoft Azure and VMware vCloud Air. When the security is integrated with the leading cloud services platforms, cost and complexity go down, making it faster and easier to meet security requirements while realising the operational benefits of the cloud.

To be effective, security in the cloud must be able to dynamically follow the servers, conduct real-time monitoring, and provide instant protection for the data and applications on the instances as they spin up and down with on-demand workload. You should choose a solution that has a broad set of security capabilities to support the critical needs of security in the cloud. This integrated solution prevents data breaches and business disruptions, provides easy deployment and administration, and helps achieve cost-effective internal and regulatory compliance across hybrid cloud deployments, and across multiple cloud providers.

While the vehicle for cyber criminals is now clearly ransomware, the objective hasn’t changed. It’s first and foremost about access to your data which resides on your customers’ servers, whether they are physical, virtual, cloud or a hybrid combination.

A good security solution should offer server security for physical, virtual, and cloud environments, thereby giving you the most complete set of security capabilities with automated management, to dramatically reduce both risk and cost.

Benefits of a good cloud security solution

By choosing a leading security solution, businesses are able to:

  • Protect data and applications running in the cloud with broadest range of security capabilities to meet security and compliance requirements.
  • Dramatically reduce cost and complexity with automated security provisioning and workload-aware security policies.
  • Support government or industry standards with security built to the highest standards, including common criteria EAL 4+ and the ASD top 4
  • Integrate seamlessly with cloud management tools such as AWS CloudFormation, Chef, Puppet, and SaltStack to automate security deployments.
  • Minimise administrative cost and complexity with a single security console to manage server security across hybrid cloud environments, including multi-cloud deployments.

Resellers can meet their customers’ shared security responsibility requirements when deploying sensitive applications to the cloud with elastic security. Whether you’re operating in the data centre, the cloud, or rolling out web applications—you can manage a broad set of security capabilities across multiple environments all from one single platform, thereby minimising your risk of being impacted by a data breach or ransomware.

By Peter Hewett, Channel Director, Trend Micro ANZ

Bitglass appoints new cloud, business development leaders
The cloud security company has appointed vice presidents for worldwide channels and worldwide business development.
Ping Identity offerings accelerates cloud MFA and SSO adoption
90% of respondents trust MFA as an effective security control to protect identity data in public clouds, yet only 60% of organisations have formally adopted it.
Ingram launches CRM backup on cloud marketplace
AvePoint Cloud Backup for Dynamics 365 is a multi-tenant solution, designed with specific features to enable channel partners and MSPs.
Trend Micro introduces cloud and container workload security offering
Container security capabilities added to Trend Micro Deep Security have elevated protection across the DevOps lifecycle and runtime stack.
Veeam joins the ranks of $1bil-revenue software companies
It’s also marked a milestone of 350,000 customers and outlined how it will begin the next stage of its growth.
Veeam enables secondary storage solutions with technology partner program
Veeam has worked with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration.
Veeam Availability Orchestrator update aims to democratise DR
The ability to automatically test, document and reliably recover entire sites, as well as individual workloads from backups in a completely orchestrated way lowers the total cost of ownership (TCO) of DR.
Nuix eyes legal sector as eDiscovery demand skyrockets
eDiscovery must encompass so much more than email and documents. If you haven’t looked at text messages and online chats, digital images, mobile devices, data in the cloud and social media, you’re not getting the whole story.