Menu
CA Expo: How to manage cloud security challenges

CA Expo: How to manage cloud security challenges

Increased security threats facing organisations outlined

How can businesses tackle the security challenges presented by a cloud IT environment? Software vendor, CA, dished out some advice at the CA Expo at the Sydney Convention and Exhibition Centre.

CA chief security architect, Tim Brown, outlined the increased security threats facing organisations.

Creation of malware used to be motivated by notoriety but this has changed since Web 2.0 came onto the scene. With more technology, reach, better bandwidth and a connection into almost every home, the “bad guys” learnt how to make money and organised crime has come into the picture, according to Brown.

“Over a short period of time – about a year – the motivation of malware shifted from notoriety to monetary,” he said.

Brown claimed 98 per cent of the malware is created purely for either stealing information off a machine or taking control over a machine and using it as a botnet. Organised crime has also entered the picture and cyber attacks have becoming big business.

“They’re looking, they’re investigating, they are finding threats before the good guys find the threats and they are taking advantage of that,” he said. “It just shows the level of maturity they have.

“... The cloud and virtualisation are really going to make this issue of where data is stored, how data is controlled, even more difficult.”

Companies that chose to adopt external cloud models are presented with risks and opportunities. Handing information and applications over to a third party service provider might seem risky but a service provider may enforce better security practices to protect the data than can be done internally, according to Brown.

“That said, we see a huge number of disparate companies in the cloud,” he said. “We’re seeing a huge expansion right now, especially on the infrastructure-as-a-service (IAAS) area where lots of little companies are popping up, willing to give you machines on demand.

“The problem is, not all these guys are very mature... So it is really buyers beware in some of these instances.”

Overall, Brown saw the loss of control, distrust in service providers and lack of awareness of users in terms of what has gone into their cloud environments as some of the major challenges in this field.

He made the following recommendations to solve the problems:

  • Identify what are appropriate cloud solutions by evaluating the people, processes and technology that affect the cloud.
  • Evaluate service providers on depth of solution, security, references and viability.
  • Understand the risk, create complete compliance plans and including the cloud provider and its solutions. Adjust, not overhaul, security policies to fit a cloud environment.
  • Closely scrutinise contracts, service level agreements, availability and disaster recovery plans
  • Understand the how the cloud service work and what it can do for the business; become an auditor.
  • Move security closer to the data such as through encryption and managing keys appropriately.

Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags CloudvirtualisationcaCA Expo

Featured

Slideshows

Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Malwarebytes shoots the breeze with channel, prospects

Malwarebytes shoots the breeze with channel, prospects

A Kumeu, Auckland, winery was the venue for a Malwarebytes event for partner and prospect MSPs - with some straight shooting on the side. The half-day getaway, which featured an archery competition, lunch and wine-tasting aimed at bringing Malwarebytes' local New Zealand and top and prospective MSP partners together to celebrate recent local successes, and discuss the current state of malware in New Zealand. This was also a unique opportunity for local MSPs to learn about how they can get the most out of Malwarebytes' MSP program and offering, as more Kiwi businesses are targeted by malware.

Malwarebytes shoots the breeze with channel, prospects
Show Comments