As clouds of all types continue to reshape the way the enterprise data environment looks and runs, organizations and their technology partners will have to adjust the way they approach security in order to keep sensitive corporate data secure no matter how far outside the traditional perimeter the data resides. Cloud data security is one of the key technology topics of the mid-2010s. Here is a look at three trends necessary to consider when procuring a secure cloud solution for the modern enterprise.
1. Encryption of data at rest
In the cloud—particularly public clouds such as those hosted by SaaS providers—data must be encrypted at rest, never stored in the clear. The reason for this is that cloud adoption provides hackers and data thieves increased opportunities to steal or expose sensitive data: not only can they attack enterprise infrastructure and data connections, but also the servers of the third-party service providers enterprises use. In addition, should a third-party cloud service provider (CSP) be breached, any organization using the CSP's services could also suffer unwanted data disclosure. Encryption of data at rest, when applied by the enterprise, with encryption keys exclusive to the enterprise, will protect data from CSP breaches. Additionally, encryption at rest can also help companies remain in compliance with local, regional, or national data privacy regulations.
2. Multi-factor authentication
Once upon a time, unique login and password combinations were an enterprise's—and a CSP's—primary means of ensuring that only authorized users gained access to cloud-hosted applications, services, and data. The classic login/password combo isn't the most secure access control solution, however. In fact, logins and passwords are all too easily guessed or forced, leading many enterprises and CSPs to look for more reliable user authentication methods. One of those methods is multi-factor authentication, in which a user must provide more than one correct verification credential in order to log in. Such credentials can include passwords, biometric data such as fingerprints, or simply cookies stored on previously validated machines. When it comes to secure cloud access, multi-factor authentication can (and should) include the requirement for users to login from a corporate VPN or other access portal.
3. Big Data analytics applied to threat intelligence
The cloud does offer some security benefits in addition to its vulnerabilities. One of those benefits is the ability to aggregate and analyze data on a scale once unimaginable. CSPs and cloud security providers now often pool security incident and threat data and apply Big Data analytics to it to produce a growing body of threat intelligence and the ability to rapidly identify and respond to security events. The most secure cloud solutions—or cloud security solutions—leverage this intelligence to keep attacks at bay, even when those attacks are zero-day exploits without previously known signatures.
Procuring a secure cloud solution for your customers doesn't have to be a major challenge as long as resellers keep a few main principles in mind. Those principles are: data security (as opposed to infrastructure security), user access control, and threat intelligence. If you're unsure how to apply those principles to your customers' cloud initiatives, speak to one of our security experts today.
What cloud security trends are catching your eye? Tell us in the comments.