24 Apr 2017

Security in a cloud-connected world

With more and more Australian businesses moving their workloads to the cloud, it’s important to ensure data remains secure.

However, not all data is equally important, so it’s not always necessary to apply the strictest security policy on every application. Businesses should start by objectively assessing the business risk if that data were to be compromised. This is a combination of the probability of a data breach occurring plus the impact of that data breach. Assigning a score to each of these considerations lets organisations decide how much to invest in keeping that data secure.

At this point, there are four key elements businesses should examine to ensure they’re getting security right:

1. Compliance framework.
Cloud providers gain security credibility through certifying their platforms onto compliance frameworks and industry-based compliance standards. Complying with these standards ensures the customer receives a higher quality of service and diminishes the likelihood of that provider being successfully breached. Businesses that value their data and intend to shift to the cloud need to make sure that the chosen cloud provider is certified with the appropriate framework for the data.

2. Brand impact
Businesses must consider the impact on their brand if they experience a data breach. While brand value is often considered intangible, there are ways to measure it. For example, private organisations measure it through revenue leakage, while not-for-profits and government organisations would measure it as reputational.

3. Data regulation
Different types of data are subject to different regulations. For example, the Australian Taxation Office (ATO) requires that all financial records are retained for seven years. If businesses intend to store financial records in the cloud, they need to make sure the provider will let them retain data for the required seven-year period.

4. Data classification
Some data is classified according to its content, like heath records, and there can be different levels of classification assigned to this data, such as cabinet in confidence, protected, highly-protected and so on. It’s essential to ensure the business’s preferred cloud solution complies with that data classification level and protects it accordingly.

The importance of protecting outbound traffic
Another key element to note is the importance of protecting outbound traffic. Currently, industry discussions around security usually focus on the importance of inbound perimeter protection and intrusion detection: keeping the cybercriminals outside the network. However, in most networks, hackers will always find a chink in the armour, no matter how small. A more mature security policy is to recognise this inbound threat and adopt a security posture of containment.

Containment means it’s essential to control the damage once a cyber adversary has breached the perimeter. Specifically, the security measures should prevent the attacker from going back outside the network to download malware or ransomware. Downloading their payload requires the hackers to communicate outbound from the network. Preventing this is what keeps the network safe.

There are technologies and solutions that can block the outbound communication effectively but IT managers are often reluctant to use these as they can impact on the user experience, attracting complaints from employees because they can’t access their social networking sites, for example.

The best way to protect outbound communications is via a transparent proxy server. This isn’t automatically provided as part of a cloud solution, as it can be difficult to setup, so IT decision-makers often don’t purchase one.

Too many IT managers are misunderstanding the risk of outbound communications and failing to implement this simple, yet effective measure. By doing so, IT managers can effectively secure their organisations’ data whether it lives in the cloud or on-premise.

Top