In today's security climate, where and how cyberattackers strike is a shifting and evolving matrix. Fueled by increases in the number and diversity of Internet-connected devices, organizations find themselves facing an uphill battle as they strive to defend themselves against many different types of attacks. In a recent survey of IT professionals conducted by McAfee and the Aspen Institute, 70 percent believe cybersecurity threats to their organizations are escalating. Operating in today’s environment requires that security professionals and other leaders collaborate to prioritize their investments in information security controls.
Media attention given to major security incidents in 2014 and 2015 sparked an interest in security issues among leaders, from the board level down to line managers. Breaches at the federal Office of Personnel Management and several major businesses led to many “what if” questions about practices within organizations everywhere. One of the core realizations for many organizations was that it simply isn’t possible to completely prevent security breaches. They can and do occur, even to well-defended organizations. Enterprises must implement security strategies that not only reduce the likelihood of security incidents, but also minimize the effect of successful attacks through strong security controls and proactive incident response processes.
Many security experts advocate a defense-in-depth approach to information security issues. This approach calls for adopting a layered defense of overlapping security controls that can withstand the failure of a single security technology. Cloud security services facilitate defense-in-depth by providing responsive, rapidly updated security services that might otherwise be too difficult or cost-prohibitive for an organization to build on its own.
Organizations across many industries depend on cloud security solutions for a wide variety of enterprise needs. The value these solutions offer is the ability to leverage the broad expertise of vendor security specialists and reduce the administrative burden on enterprise IT teams. Cloud security solutions also bring unique benefits to many security disciplines, including antivirus protection, email security, web application security and enterprise mobility management.
Most anti-virus technology depends on the use of signature detection approaches that use databases of known malware objects. In the traditional approach to anti-virus protection, each client downloads signature files from a central repository, and the anti-virus software is only as good as the most recent update. Failing to update anti-virus signatures results in dangerous security vulnerabilities.
Cloud-based approaches to anti-virus technology remove this update burden from an organization’s IT staff by performing malware analysis in the cloud. Whenever an anti-virus client discovers a suspicious file, it sends a digital hash of that file to the cloud service for analysis and evaluation. The service provider keeps the cloud database current, and these updates improve security for all clients in real time.
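The lookup flow described above, as an added example that is not from the original article or any vendor's product: a client with a stale local signature set falls back to a cloud verdict keyed on the file hash. SHA-256, the class names and the in-process stand-in for the cloud service are assumptions made for illustration.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed sample contents (harmless byte strings, not real malware).
OLD_SAMPLE = b"constructed: family known before the client's last update"
NEW_SAMPLE = b"constructed: variant first seen after the client's last update"
BENIGN_DOC = b"constructed: ordinary quarterly report"

class CloudReputation:
    """In-process stand-in for the provider's lookup service (hypothetical)."""
    def __init__(self, malicious_hashes):
        self.malicious = set(malicious_hashes)  # provider keeps this current
        self.reachable = True
        self.received = []                      # everything clients sent us
    def lookup(self, digest: str) -> str:
        if not self.reachable:
            raise ConnectionError("cloud service unreachable")
        self.received.append(digest)
        # "unknown" is not "clean": a hash only matches byte-identical files.
        return "malicious" if digest in self.malicious else "unknown"

class AvClient:
    def __init__(self, local_signatures, cloud):
        self.local = set(local_signatures)      # frozen at last update
        self.cloud = cloud
        self.cache = {}                         # digest -> cloud verdict
    def scan(self, data: bytes) -> str:
        digest = sha256_hex(data)               # only this leaves the host
        if digest in self.local:
            return "malicious-local"
        if digest not in self.cache:
            try:
                self.cache[digest] = self.cloud.lookup(digest)
            except ConnectionError:
                return "unknown-offline"        # degraded to stale signatures
        return self.cache[digest] + "-cloud"

def demo():
    cloud = CloudReputation({sha256_hex(OLD_SAMPLE), sha256_hex(NEW_SAMPLE)})
    client = AvClient({sha256_hex(OLD_SAMPLE)}, cloud)  # stale local set
    online = [client.scan(s) for s in (OLD_SAMPLE, NEW_SAMPLE, BENIGN_DOC)]
    cloud.reachable = False
    offline = [client.scan(NEW_SAMPLE), client.scan(b"constructed: never seen")]
    return online, offline, cloud.received

if __name__ == "__main__":
    print(demo())
```

When the service is unreachable, the client in this sketch is back to whatever its last local update contained, which is the dependency to plan for when relying on cloud lookups.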
Cloud-based email security services function in a similar manner, offloading the analysis of inbound email messages to a cloud provider. An organization’s IT staff simply configures the domain to automatically route incoming messages to the cloud security service before delivery to users. The service can then perform anti-virus screening, spam filtering and other content-based security checks on messages, quarantining any suspicious content before delivery to individual mailboxes. Cloud-based email systems also provide encryption technology designed to add confidentiality to the exchange of sensitive messages both inside and outside an organization.
Cloud-based web security also provides significant benefits to web applications. From a server perspective, cloud-based web application firewalls can filter out malicious traffic, protecting an organization from distributed denial-of-service attacks, SQL injection, cross-site scripting and other malicious requests. Cloud web security services also extend protection to end users, filtering out requests for malicious websites or other content that violates an organization’s security policy.
Organizations also turn to the cloud for easy-to-administer enterprise mobility management (EMM) products. These solutions provide a simple, web-based way to manage the many mobile devices that exist in modern organizations. Administrators may leverage policy templates provided by the EMM vendor or develop custom policies that ensure secure device configurations, prevent the installation of unwanted mobile apps and track lost or stolen devices to facilitate recovery or data wiping.
These cloud services share several common benefits. They boost security by allowing the incorporation of real-time threat updates. They enable organizations to leverage state-of-the-art security technology without major increases in staff, and they typically offer cost benefits over in-house solutions by leveraging economies of scale across many clients.