Cloud computing has created endless opportunities for businesses across the globe to grow and develop services, applications and platforms; as well as the choice to grow at rates that suit them. While it has provided companies with a level of choice and flexibility that hasn’t been possible before, cloud computing also opens doors to a number of risk and security issues; and these potential risks, such as unauthorised system access, complexity of network identity management or mass data loss are difficult to spot without the right tools and visibility.
To mitigate these risks, business leaders need much more visibility in order to make better informed and educated decisions that will benefit their business. With advanced visibility of where the threats and risks lie, defences can be built to mitigate all threats with confidence. The solution lies with centralised connectivity.
Entry and exit points
The many and varied benefits of internet based services have seen company infrastructures grow rapidly in a very short period of time. While this is great for companies who want to expand quickly, increase their flexibility and efficiency for both internal processes and external clients, it does also increase the threat risk.
As the estate grows, so do the entry points to the organisation. Expanding too quickly can introduce endless doors that aren’t effectively sealed, where hackers can seamlessly and smoothly walk in to access precious data. Unlike a data centre with one door to open and close, multicloud and cloud services create infinite opportunities for hackers to access data and as such, companies become far more vulnerable. Further, as more companies take a multicloud approach - and rightly so - they must be aware of the various security policies that each cloud provider has, and not take a flippant, casual approach to each cloud provider.
No-one introduces shadow IT with malicious intentions; in reality it’s usually introduced to empower teams to keep innovating by accessing tools that make them more productive and efficient.
However, it does create a siloed culture that evades the IT department completely. With companies now embracing more flexible cultures, and with many offices now spread across the world, a siloed culture can be detrimental. A lack of visibility on what is getting accessed, shared and adopted means that the professionals who are trained on mitigating risk aren’t aware of what risks are developing. This is becoming more of an issue with recent research revealing that 80 per cent of workers admit to using SaaS applications at work without IT approval. Not only is this a security risk, but it is also an issue for budgets; as unexpected costs can rack up without full knowledge of what technologies workers are using.
Unfinished SIEM logs
Many businesses have turned to Security Information and Event Management (SIEM) solutions to protect networks from threats - both internal and external. These solutions are deployed to carry out complex analysis on the network’s data to identify any security issues. It provides companies with a single view of all the data to identify any behaviour and patterns that are out of the ordinary and enable IT professionals to understand and prevent any risk of a breach.
SIEM solutions can only provide clear and correct analysis if the data it’s analysing is of good quality. Many companies have missing data and incomplete logs which means that SIEM solutions are incapable of providing a detailed summary, or could result in false positives. Without exhaustive historic data, it’s impossible to predict what could happen in the future as the picture isn’t fully complete. As such, enterprises could either be unaware of what could happen in the future, or instead look into false positives wasting time and money.
No central visibility
There are known knowns, known unknowns and unknown unknowns that businesses need to be prepared to face everyday. However, without any central visibility, enterprises are in an extremely vulnerable position to fight against all of these possibilities. The demand for transparency increases in line with the growth of the company, if not more, so businesses need proper processes in place to avoid failure and security threats.
Responsible for these decisions and processes is the Chief Information and Security Officer, who has to understand the full risk landscape to then make the correct decisions to mitigate it. However, without any central visibility the CSIO is incapable of making correct and informed decisions, as they are working with either legacy or incorrect data. Consequently, all decisions are flawed and could hold detrimental consequences to the business.
All of these issues outlined are legitimate and not uncommon for businesses. Therefore, it’s imperative that all businesses are totally prepared to mitigate any risk and prevent any security threat from causing irreparable damage. As a solution, businesses should consider centralising their connectivity to establish a single, timely and accurate source of the truth across the whole enterprise. Securely connecting all the different entities on an estate and ecosystem will empower businesses to become truly agile - something that has lost its true meaning as of late. To be truly agile, companies need to have the capacity to rapidly add, change and remove cloud vendors, connectivity providers and other third parties of a similar ilk; owning the power to be totally in control and not tied down to anything, or anyone. However, the most important part is to increase visibility and reduce security risk.
A centralised network empowers businesses to take a step back and view the full picture; without any missing puzzle pieces skewing their view. All potential exit points are monitored and there is only one singular egress point that goes through a centralised platform that monitors the whole network. Shadow IT is also reduced, as the IT teams are now privy to all of the different activities across the business; including which cloud platforms that are being used and importantly, which shouldn’t be. Finally, all SIEM solutions can work effectively with consistent logs and policies available to work from and drastically reduce false positives.
Ultimately, a successful business is only truly successful if it has eyes in all areas. As cloud adoption continues to grow and increase at such speeds, it’s important that businesses remain vigilant in their security. Centralised connectivity provides them with much more visibility and the benefit of educated, more informed decisions across the business.
Neil Briscoe, CTO and co-founder, Cloud Gateway