Story image

What the channel needs to know about cloud security

24 Apr 2017

The benefits of cloud computing are undeniable and it’s changing the way we consume, share, and use digital information. The cloud makes access to information and computing power easier, faster and more scalable, but it fundamentally changes the way we have to think about cyber security.

As cloud adoption is accelerating rapidly, resellers are, in turn, busy migrating infrastructures for their customers. However, many resellers are failing to consider how security has to change as part of this migration.

Many customers simply extend the existing perimeter security to the cloud by routing all of their traffic back from the cloud through the on-premise perimeter security. This approach is inefficient and doesn’t take into account the new architecture the cloud delivers. There is a clear opportunity for partners to educate and consult to their customers, specifically about how moving to the cloud needs a different security approach.  

How much security is sufficient for the cloud?

There is an assumption the security provided as part of a cloud ‘package’ is sufficient. However, in many cases the level of security provided is inadequate to deal with the myriad viruses and security breaches which are on the rise.

Telstra’s Cyber Security Report 2017 found that almost 60% of local organisations surveyed detected a security incident on at least a monthly basis in 2016.

The report also found that more than half of all businesses experienced a ransomware attack last year – 30% of Australian businesses surveyed have had a business email compromise and the number of Distributed Denial of Service (DDoS) networks attacks are up by more than 200%.

Not adjusting your security approach as you migrate to virtual and cloud environments can lead to security gaps, lost ROI, performance lag and difficulty proving compliance.

As a reseller, you need to understand the opportunities and risks of cloud computing, and how to make the move that’s right for your customer. Having the right security strategy can help your customers take advantage of the amazing potential of the cloud to control their data, maintain compliance and decrease costs. In order to do so though, you’ll need to provide them with a solid security foundation that spans all of their platforms – physical, virtual and cloud.

Elastic security

The best practice solution is to provide smarter protection that travels with your customers’ data as it moves across physical, virtual and cloud environments. Security in the cloud is a shared responsibility. That means customers and cloud service providers must work together to protect applications and data, meet compliance regulations, and ensure business continuity. If their security doesn’t go beyond the native cloud, then they probably are not meeting their shared responsibility. You can increase overall protection and reduce administration by building elastic security into your cloud architectures.

When selecting a security provider, resellers should be considering security capabilities that are completely integrated with cloud services such as Amazon Web Services (AWS), Microsoft Azure and VMware vCloud Air. When the security is integrated with the leading cloud services platforms, cost and complexity go down, making it faster and easier to meet security requirements while realising the operational benefits of the cloud.

To be effective, security in the cloud must be able to dynamically follow the servers, conduct real-time monitoring, and provide instant protection for the data and applications on the instances as they spin up and down with on-demand workload. You should choose a solution that has a broad set of security capabilities to support the critical needs of security in the cloud. This integrated solution prevents data breaches and business disruptions, provides easy deployment and administration, and helps achieve cost-effective internal and regulatory compliance across hybrid cloud deployments, and across multiple cloud providers.

While the vehicle for cyber criminals is now clearly ransomware, the objective hasn’t changed. It’s first and foremost about access to your data which resides on your customers’ servers, whether they are physical, virtual, cloud or a hybrid combination.

A good security solution should offer server security for physical, virtual, and cloud environments, thereby giving you the most complete set of security capabilities with automated management, to dramatically reduce both risk and cost.

Benefits of a good cloud security solution

By choosing a leading security solution, businesses are able to:

  • Protect data and applications running in the cloud with broadest range of security capabilities to meet security and compliance requirements.
  • Dramatically reduce cost and complexity with automated security provisioning and workload-aware security policies.
  • Support government or industry standards with security built to the highest standards, including common criteria EAL 4+ and the ASD top 4
  • Integrate seamlessly with cloud management tools such as AWS CloudFormation, Chef, Puppet, and SaltStack to automate security deployments.
  • Minimise administrative cost and complexity with a single security console to manage server security across hybrid cloud environments, including multi-cloud deployments.

Resellers can meet their customers’ shared security responsibility requirements when deploying sensitive applications to the cloud with elastic security. Whether you’re operating in the data centre, the cloud, or rolling out web applications—you can manage a broad set of security capabilities across multiple environments all from one single platform, thereby minimising your risk of being impacted by a data breach or ransomware.

By Peter Hewett, Channel Director, Trend Micro ANZ

Zoom’s new Rooms and Meetings features
Zoom has released information about the upcoming releases for its Rooms and Meeting offerings for 2019.
Aussie company set to democratise direct-to-orbit IoT access
Adelaide-based Myriota has released a developer toolkit that has been trialled and tested by a smart waste management platform.
Apple's AirPods now come with 'Hey Siri' functionality
The new AirPods come with a standard case or a Wireless Charging Case that holds additional charges for more than 24 hours of listening time.
Dynatrace takes pole position in APM Magic Quadrant
It placed highest on Ability to Execute and furthest on Completeness of Vision in the 2019 Quadrant for Application Performance Monitoring (APM).
HCL and Xerox expand strategic partnership
Under the terms of the agreement, HCL will manage portions of Xerox’s shared services, including global administrative and support functions.
Avaya expands integration with Google Cloud AI
This includes embedding Google’s machine learning within conversation services for the contact centre, enabling integration of AI capabilities.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Poly appoints new A/NZ managing director, Andy Hurt
“We’re excited to be bringing together two established pioneers in audio and video technology to be moving forward and one business – Poly."