ALL >> Computer-Programming >> View Article
In Wake Of Target Breach, Firms Focus On Cloud Security
After a massive breach involving millions of customer credit cards, Target and the government are investigating what went wrong. What’s clear is that cyber criminals are using increasingly sophisticated attacks against valuable assets, and one of their main targets is the cloud. “As more companies store their data in the cloud, attackers are looking for one stop shopping for sensitive data,” according to Jason Ejuma, Director of Cybersecurity at Google.
When thousands of companies store data in one place, it makes an attractive target for criminals looking to amplify the rewards of a successful attack. Rather than just one company’s data, they now have access to thousands.
Cyber criminals are adapting their tactics to take advantage of the growth in cloud usage, leverage Cloud Security services for a variety of different types of attacks. Watering hole attacks take advantage of tracking services that track users as they surf the web to find vulnerabilities and plant malware. These tracking services offer no business value to the company being tracked, and are ...
... a security risk if left unmanaged. While the vector of attack is a website, the cloud is an integral part of way the attack works.
In some cases malware can be delivered directly from a cloud service. Open source code repositories are experiencing increases in malware being inserted into code that is then downloaded by unsuspecting developers with the risk of it making its way into their own company’s products and services. IT security teams need new tools and approaches to identify threats that exploit tracking services and open source code repositories so they can take appropriate steps to secure the organization and its data once a attack or malware infection has been identified.
The cloud can also be a vector of data theft. Malware can exfiltrate data from your company into a cloud service. For instance, using Skyhigh one company found a single IP address at the company sent over 100,000 tweets in a single day. Upon closer inspection, they found the computer was infected with malware that was exfiltration data 140 characters at a time. It can be difficult to separate typical activity, say a marketing team using Twitter, and a bot that is stealing valuable data. That’s where baselining and anomaly detection come into play. By developing behavioral baselines IT can quickly identify when a security breach occurs.
Employees are voting with their feet by choosing to adopt technology that helps them be more productive and grow the business. In a sense, they’re crowdsourcing the selection process for new technology and providing an enormous service to the IT department by selecting services that they will like to use. Instead of going through lengthy procurement processes that may end up selecting a technology that doesn’t work for the business, IT has an opportunity to partner with the business and enable and secure the Cloud Security services that are already in use.
Once companies have visibility into what cloud services are in use and the enterprise readiness of those services, they can then go and enable the ones that make sense. That can include consolidating multiple services onto 1-2 low risk services using enterprises licenses, which not only improves collaboration but also reduces cost with volume pricing. Companies are blocking fewer low risk cloud services and instead are embracing them. For instance, a company using 39 different file sharing services standardized on Box – and in doing so improved collaboration and reduced their overall risk and cost.
Author :
Skyhigh Networks, the Cloud Security Services company, enables companies to embrace Cloud Security Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com/ or follow us on Twitter@skyhighnetworks.
Add Comment
Computer Programming Articles
1. Which Are The Best Java Coding Classes In Bhopal?Author: Shankar Singh
2. Warehouse Management In Zambia: Essential Features To Look For
Author: Doris Rose
3. Ecommerce Web Design And Development In Melbourne With The Merchant Buddy
Author: themerchantbuddy
4. Why Website Maintenance Is Crucial For Business Success
Author: Yogendra Shinde
5. Boost Your Business With Smart Invoice Pos Software In Zambia
Author: Cecilia Robert
6. How Stablecoin Development Ensures Stability And Security?
Author: Michael noah
7. Công Cụ Tính Chiều Cao Chuẩn Từ Minbin Tool: Đo Lường Và Cải Thiện Chiều Cao Hiệu Quả
Author: KenJi123
8. How To Make A Courier App For Courier Delivery And Tracking Service
Author: Deorwine Infotech
9. Reputation Management In The Digital Age: Protecting And Enhancing Your Law Firm’s Image
Author: jamewilliams
10. What Features Should I Look For In Wordpress Ecommerce Plugins?
Author: Rocket Press
11. Staying Updated With The Latest Gaming News
Author: Next Tech Plus
12. Game Development: Evolving Technologies And New Horizons
Author: Rick John
13. Why Svelte Is The Most In-demand Framework For Web Development?
Author: Why Svelte Is The Most In-Demand Framework For Web
14. Maximizing Ebay Sales With Maropost/neto And Pursuit Info Solutions
Author: rachelvander
15. The Importance Of Software Testing: Ensuring Quality In Development
Author: John Mathew