Threat Review: Securing Data in the Second Wave of Cloud

Securing data second wave of cloud Message In A Bottle

Securing data is a tough business. We’ve seen the proof in an unprecedented volume of attacks varying from big retailers like target, to hospitals, coast-to-coast. Now Forrester Research is predicting that the cloud market will accelerate faster in 2017 as enterprises look to gain computing efficiencies, and that leaves room for concern.

As companies flock to virtualized environments, they need to keep in mind that just like their physical environments, they must have a security plan. Without proper protections, a massive amount of data will be in danger. And at the end of the day, it will be the enterprises left with the blame, not the cloud providers.

So as an industry, the lingering question is:

In 2017 will we see cloud-storing platforms become major targets because of increased usage by enterprises for housing proprietary and classified information?

Our prediction is: Yes.

Virtual Environments Don’t Come With Security Warranties

It’s time for businesses to take heed that virtual environments are not always fully secure. While operational efficiencies draw fans of the cloud model, corporations must do work to take the proper measures to outline a full security plan that works in tandem with a public, private, or hybrid cloud adoption.

File sharing is a cloud competency that many workplaces are adopting without regard to safety protocols. Employees that are using Enterprise File Sync and Share services, particularly ones in a public cloud, expose the organization endpoints to vulnerabilities. On a day-to-day basis, the companies using these services typically do not have the manpower to oversee the operations of cloud management. Malicious actors will catch on to the lack of oversight and identify such businesses as easy targets to take down.

Securing Data Through Encryption

What’s the first step you would take to securing data in the cloud? Many people would think about encrypting network traffic. But as soon as it enters your mind, the thoughts that follow probably sound something like this…it’s too expensive, it’s difficult to manage and let’s not even start with the troubles of deployment. Even if all of this were true, data encryption is the cornerstone to any data security protection strategy.

According to the Spiceworks survey, approximately one-third of organizations encrypts, or plans to encrypt data at the disk/device levels. To do this, it’s likely that the companies are working with two options:

  1. Encryption and managing data that is in the virtualized environment.Threat Review: Securing Data in the Second Wave of Cloud 2 keys
  2. Encrypting files at the endpoint before transmission to the file sharing service.

Never Rely on a Single Solution

It takes more than just encryption to protect sensitive enterprise data. In a previous blog post, we covered “9 Tips for Securing the Cloud,” outlining: defining requirements, developing a plan, performing due diligence, building a threat model, embracing transparency, prioritizing risk management, using powerful authentication tools, creating an SSO solution, and DDoS protection.

Whether you have already adopted a cloud approach or it’s on your roadmap for 2017, be sure to read up on the necessary security practices.

SentinelOne has been recommended as a top vendor for protecting big data in the cloud. Our endpoint platform works to protect through lightweight autonomous agents that monitor activity on both Linux and Windows servers. Agents apply machine learning for behavior-based detection to predict possible threats. If the application detects malicious activity, mitigation and quarantine processes are deployed to eliminate them entirely.

Cloud can feel like a very vulnerable place to be, but you don’t have to go it alone. Contact SentinelOne today to learn more about how our security solutions can work with your 2017 cloud goals or download our free guide to protecting virtualized environments.