Featured Stories

Filter By Categories

The Role of the Cloud in Preventing Data Breaches

By Ryan Kroonenburg  |  August 15, 2018  |   Cloud Security   |  

Security breaches and other data exposures have been frequent headliners for the past few years, and 2018 is unfortunately no exception. Data breaches are increasing in both number and severity with 71% of U.S. enterprises and 67% of global enterprises reporting at least one data breach this year.

While data breaches do occur in the Cloud, the majority of data leaks happen within on-premise systems. Add to that, 77% of enterprise-size companies don’t have an up-to-date cybersecurity response plan.

Barring a few skeptics, companies worldwide are now recognizing the security benefits that come with transitioning their data to cloud-based solutions, and according to Gartner, the Cloud will be the default option for software deployments by 2020.

 

What Makes the Cloud More Secure Than On-Premise Solutions?

 

1. Cyber Security Expertise

Most cloud service providers will implement and manage considerably better IT security controls than internal IT departments. In a 2017 Gartner Report on cloud security, analyst Kasey Panetta writes that security provided through a well-built cloud system is as good or better than most enterprise data centers. The report reveals that public cloud implementations of infrastructure as a service, or IaaS, are hit with 60% fewer attacks. Panetta surmises this dearth of attacks results from attackers not wanting to target systems that are run with extreme attention paid to security tools and monitoring.

Cloud skeptics may point to some high profile data breaches that occurred within cloud-based solutions as evidence against cloud services providers (CSPs) offering better data security. However, it should be noted that those breaches were a result of human error and not the security of the Cloud. Cloud security is a shared responsibility. CSPs are responsible for the security of the cloud, and you are responsible for your security in the cloud. Cloud customers need to understand the role of their CSP and their role in securing their data.

Big cloud vendors, such as Amazon, Microsoft, and Google attract the world’s most talented engineers and have the money to pay for large security teams and the best security tools available. With the Cloud, you get access not only to the best data centers but also to highly skilled teams of IT professionals tasked with protecting your cloud infrastructure.

 

2. Security Innovation and Agility

When data breaches do occur in the Cloud — regardless of whether it was due to customers’ human errors — the big CSPs are quick to respond with solutions to help users improve operational security. For example, Amazon launched AWS Secrets Manager after a string of reports about attackers stealing passwords improperly stored within Amazon Web Services.

Amazon, as well as the other leading CSPs, are constantly bolstering security capabilities and offering customers new tools and techniques to help avoid human errors that may compromise their data. The most advanced security services are cloud-native. Security innovation is happening in the Cloud and being designed specifically for cloud-based solutions.

Cloud-native security helps customers build a more robust and flexible IT architecture. It blocks threats more quickly and scales more easily than traditional VM security.

 

3. Controlled Access

Human error drives data breaches and was estimated to be responsible for up to 90% of them in 2017. Cloud skeptics think that keeping their data in-house allows them to better control it. In reality, the opposite is true.

According to Ben Bernstein, enterprise security expert and InfoWorld contributor, cloud-native security offers more control. He says, “Because the network pattern used by the microservices are much more specific and precise, it is far easier to create predictive models using machine learning. For traditional VMs, multiple flows run in parallel and it’s much more difficult to create and maintain rules that precisely capture the full range of allowable traffic.”

Additionally, the lack of physical access to data stored in the Cloud makes it more difficult for sensitive information to fall into the wrong hands because of an employee’s mistake. As human control of your information decreases, so does your risk.

 

4. Frequent Audits

CSPs are held to tougher standards than on-premise systems. They are audited at least once a year to detect flaws in their security systems. Legacy systems do not have this requirement.

CSPs must comply with two main types of standards: horizontal and vertical. Horizontal standards are overall standards that are applicable for any data stored in the Cloud. Vertical standards are industry specific and take into account compliance requirements of those industries.

The Cloud Security Alliance (CSA) was formed to promote best practices and provide a consensus for all CSPs on the most effective ways to provide security assurance in the Cloud. It provides tools and processes for auditing the security of cloud-based solutions.

CSPs reputation and business relies on upholding the highest level of data security. They’re motivated to frequently audit their security systems and be continually improving it. On-premise solution providers are not.

Data breaches are now a fact of life. Unfortunately, there aren’t any security solutions for human behavior. But CSPs have the most talented IT professionals and cyber-security experts available constantly innovating and creating new technologies to stop attacks and help prevent human errors that compromise data. Cloud-native security is the future of data security. Cloud adoption and cloud-fluency are crucial for organizations wanting to protect their data.


Not an ACG for Business member yet?

We provide everything you need to level-up your team’s skills, establish a cloud culture, prepare your business for the future, and get the absolute most out of each and every license.

Explore ACG for Business

Popular Tags

Enterprise Certification Career News New Products AWS Press Releases Partner Story Corporate Interviews Cloud Security Google Cloud Platform Machine Learning AWS Summit Serverless azure re:Invent Containers GCP tradeshows

Search the ACG blog