The way cloud vendors promote their offerings convinces many users that their security needs are fully taken care of. But buyer beware. Read the small print.
Cloud vendors certainly do go to great lengths to secure what they consider the aspects of cloud security that fall under their responsibility. But users are responsible for other aspects of cloud security. This is an area, therefore, that demands careful consideration.
Here are the top trends companies and IT teams are seeing in the cloud storage security market:
Ransomware has electrified the cloud storage world.
Organizations are terrified that their cloud data becomes infected and their cloud backups become corrupted.
Ransomware is now a vast ecosystem with many different forms of attacks. Many attackers have their own versions of ransomware, and these are called variants. Each variant has the same purpose, but it uses a different mechanism or simply a different naming convention.
Most ransomware variants and all the top 10 forms for 2021 followed the same attack pattern: infiltrate a computer and rename the files with a different extension.
“A whole new cybercrime regime has emerged with trends like ransomware-as-a-service (RaaS),” said JG Heithcock, GM of Retrospect, a StorCentric company.
“RaaS made cybercrime that much easier for everyone, including entry-level hackers. Bottom-line, when it comes to ransomware, it is not a question of if, but rather a question of when.”
In response, various security, backup, storage, and cloud providers are now folding ransomware protection into their offerings.
2. Multiple layers
Organizations are turning away from one-dimensional approaches focused on simply keeping ransomware and other malware out, according to Heithcock with Retrospect.
Instead, they are turning towards multi-layered strategies that prioritize detection of anomalies and recovery using cloud-based immutable backups.
“Today, there are backup solutions that can provide visibility into endpoints, servers, NAS volumes, and even cloud storage,” Heithcock said.
“To detect anomalies, the ideal backup solution will provide a per-policy option for filtering and threshold to decide whether certain file changes are an anomaly with options for notifications.”
Once anomalies are detected, appropriate remediation action is the next step. In some cases, it may be necessary to restore from an immutable data backup.
Even if ransomware has successfully infiltrated your organization and, as is common, tried to attack the on-site and cloud backup data first, an immutable copy is unchangeable and cannot be deleted — even by internal bad actors, providing data and operations recovery and business continuity assurance.
3. Granular security
When you store data in the cloud, every file becomes an atom of collaboration. Users share content with a click, so a rethink is needed on how cloud data is secured and controlled.
Infosec professionals are moving away from folder or rules-based security towards more granular and autonomous approaches that secure and control data at the file level without placing an undue burden on their security teams.
“In the cloud, data security must be more granular, with a comprehensive understanding of diverse types of mission critical data from intellectual property to financial information to customer data and controls extending down to the file level,” said Concentric CEO Karthik Krishnan.
“That shift exponentially increases data security complexity and is driving the demand for autonomous solutions that don’t depend on hand-crafted rules and policies and can help enterprises satisfy their security and governance requirements easily.”
4. Test and assess
The current security landscape makes it imperative to always test, probe, and assess your own environment. There are always bad actors poking around on the edges of the network looking for weaknesses.
It is important to conduct penetration testing and security assessments of cloud environments, particularly as organizations transition more toward the cloud, according to Keith Novak, a managing director in the cyber risk practice at Kroll.
“The transition to cloud-based platforms has been a key trend in recent years, with associated security concerns weighing heavy on those involved,” Novak said.
“For all the operational efficiency, the possibility of the transition causing a security incident is both significant and justified. To identify gaps in security and build resilience, organizations should be rigorous in their penetration testing and security assessments of cloud environments.
“Not only should this be specific to the exact type of cloud infrastructure an organization is using, but cybersecurity testing experts should be simulating the most recent cloud-related threats.”
5. Work-from-home threats
The pandemic led many organizations to review their cybersecurity practices, as employees transitioned to work from home (WFH).
Even with many workers back in the office, the pandemic has turned many cybersecurity strategies from temporary actions into permanent strategies.
An increase in cloud-based cybersecurity services became necessary as the number of people working from home has grown. According to a survey by Tessian, 47% of people working in the tech industry clicked on a phishing email at work; 43% of people also reported making an error that had security repercussions.
“The lack of protection of firewalls in the office and the increase in BYOD has led to new concerns, as employees are using personal devices to access sensitive corporate information and leave organizations at risk,” said Michael Gray, CTO, Thrive.
“Hackers will continue to adapt. Businesses must be prepared to support a global workforce.”