There’s no question that IT security trends are constantly changing. For instance, think back to the early 2000s, when we had applications running on physical servers in an on-premises datacenter. Basic security measures were put in place to prevent virus, malware, and network penetration attacks through perimeter-based software tools and physical appliances. Attacks were noisy but, once cleaned up, did not leave much damage. That all changed in the mid-2000s with the emergence of virtualization and the proliferation of mobile devices, and security evolved to adapt to this changing paradigm.
While infrastructure was becoming more sophisticated, so were increasingly organized hackers. As the new Cloud era emerged, cyber criminals became even more sophisticated. Today, people overlook how IT security changed with the Cloud: attacks now occur in a sneaky and seemingly non-intrusive way, so victims don’t even know they have been compromised. Breaches also often go undetected for long periods of time, enabling attackers to maximize the amount of data they can collect and the damage they can do. Additionally, attacks are now multi-stage and use multiple threat vectors, and Web applications have become the number one target in the cloud. Some of the common attacks include Identity & Recon, Command & Control, Malware, SQL Injection and Brute Force. To mitigate such threats, today’s security needs to be cloud-native and must cover all layers of the app stack to identify and track compromises at any stage.
As customers move more and more of their workloads to the public cloud, most of them still maintain on-premises data centers, taking a hybrid approach. In these hybrid cloud environments, applications are the main target for cybercriminals, with about a 70 percent chance of being breached. That’s a 45 percent increase in just the last two years! On the other hand, data centers have a 60 percent security incident rate, with only a 3 percent increase during the same period. This means that cloud-hosted applications are the preferred target these days. This trend has given rise to a new series of security services and applications that focus only on cloud security, threat detection, and protection.
Whose responsibility is it anyway?
The biggest mistake many organizations make when moving to the cloud concerns who is responsible for security. On the one hand, many are hesitant to make the move because they don’t think the cloud is secure, and therefore never realize its benefits. On the other, people think that cloud service providers have it all covered, and don’t think much about security internally. The reality is that cloud security is a shared responsibility between the service provider and the tenant. The provider is responsible for protecting the underlying infrastructure and services, such as hypervisors, host system images, logical network segmentation and the perimeter, from external DDoS, spoofing and other potential attacks. The tenant is responsible for secure and authenticated access to applications and instances, and for implementing the appropriate tools to monitor, detect, prevent, block and protect their applications and data in the cloud.
What do I need to do?
To secure ever-evolving cloud environments against increasingly sophisticated cyber criminals, companies need to focus on:
- Providing continuous visibility by monitoring application performance levels and detecting any suspicious activity on the network
- Using best practices with tools and mechanisms to prevent attacks, including preventive measures like patching systems and applications and securing networks
- Implementing automated alerting and remediation processes and systems to mitigate any breaches and proactively check for vulnerabilities
At Auxis, we support our customers by continuously monitoring their Cloud applications and datacenter workloads through a combination of proven best practices, secure processes and automated tools that assure our customers their hybrid network is protected and highly available.