By Alan Hawkins, GM: Cyber-Security and Software
Hyperscale public cloud providers have the economies of scale and in-house expertise to secure their data centres to an extent no small and medium business (SMB) could hope to achieve. Even so, SMBs need to be aware of the growing number and rising complexity of the security risks they face as they migrate to the cloud.
International research commissioned by Sophos found that, among SMB Infrastructure-as-a-Service (IaaS) users, 56% experienced an increase in the volume of attacks and 59% experienced an increase in complexity of attacks in 2022. The research identifies a lack of visibility into infrastructure, unpatched vulnerabilities and resource misconfigurations among the factors that made them vulnerable.
This highlights the reality that information security in the cloud is a shared responsibility between the end-user and the cloud provider. The provider can take a weight off an SMB’s shoulders by safeguarding infrastructure and computing resources. But the SMB will still need to take control of identity and access management, safeguarding of cloud accounts and protection of cloud-based data assets.
A good starting point is for the SMB to ensure that it has visibility into its cloud environments and evaluates gaps in cloud security. From there, it can invest in tools to harden cloud defences, including firewalls, identity and access management (IAM), managed detection and response (MDR) services, and data protection.
One of the major challenges of the shift towards the cloud is that it creates a larger potential attack surface. With many people working from home and accessing cloud resources remotely, for example, they could be using personal devices and home networks that are not secured to enterprise standards. As such, companies need to embrace new approaches and tools to lock down their data and assets.
Cloud security tools and practices are maturing
The good news is that cloud-ready security platforms, tools and practices are maturing at a rapid pace. One of the major developments is a shift towards Zero Trust—a framework with the central principle of not automatically trusting anyone or anything within or outside of the network. In Zero Trust, all traffic, users and devices into the network will need to be verified authorised, inspected and secured.
With this approach, users only have access to the cloud resources they need to perform their duties. Developers, meanwhile, would be expected to implement permissions on an as-needed basis. Zero trust also involves micro-segmenting infrastructure into small nodes. This helps to block threats from spreading within the network.
Another trend to watch is the rise of extended detection and response (XDR) solutions. XDR solutions offer an integrated suite of tools that monitor, detect, and respond to a wide range of threats across the different layers of an organisation’s IT infrastructure. XDR enables a company to identify and respond to security threats and malware across networks, clouds, and endpoints fast and with fewer false positives.
Finally, there is growing buzz around cloud-delivered secure access service edge (SASE). SASE integrates virtual private network (VPN) and software defined wide area networking (SD-WAN) capabilities with functions such as secure web gateways, cloud access security brokers, firewalls and zero-trust network access. It’s provided as a service.
"However, all the technology and best practice in the world will be for naught without end-user compliance and buy-in. With a larger cohort working remotely, policy and end-user training are more important than ever. Companies that focus on the basics like two-factor authentication, password strength and end-user education will vastly reduce the risks of becoming victim to a breach."
Reference