Into the Cloud for Security
Welcome
I still remember the day in the not too distant past when someone told me that Linux wasn't allowed on the network. I can remember the day when someone told me that he didn't want Windows 95 on his network because he thought it was "too chatty," and so he stuck with Windows 3.11 for probably two or three more years. In the very recent past, someone – actually multiple someones – told me that to put anything in the cloud was "just asking for trouble." My, oh my, how times have changed. It isn't that I love being right. OK, so maybe I do love being right – about technology. (Apologies to my wife for believing that I'm actually right about anything else.) I do, however, love being right about certain things: Linux, Windows operating systems that evolved beyond Windows 3.11, and the cloud.
You see, multiple years ago I embarked on a dangerous journey stating that someday all computing would be in the cloud. That's right. Our servers, or workloads as they would be called (right about that one), our workstations (Chromebooks come pretty close – I'm counting it), and yes, even the most ridiculous of all my prognostications, security would be in the freaking cloud! It doesn't sound radical now, but in 2012, it could get you physically abused to utter such a preposterous notion out loud. I dared to utter it, and now, it has come to pass.
Do you realize that it's actually better now to have your security in the cloud than on premises? It's true. If you don't believe me, google it. You know how to google, don't you? Just put your paws on the keyboard and type S-E-C-A-A-S. Security as a Service (SECaaS) is an actual thing. Companies are heading to the cloud for security in huge numbers. Whether you call it SECaaS or Software as a Service (SaaS) security, the result is the same: Real-time data analytics finding and blocking threats from your very vulnerable network has made traditional perimeter-based security and signature-based anti-malware as obsolete as stone tools and film cameras.
Sure, I know there are those who will give up their signature-based anti-malware when you pry it from their cold, dead, compromised workstations, but believe me, they will. Yes, there is still a need for perimeter-based security, but certainly you aren't naive enough to believe that it prevents threats such as fileless malware, advanced persistent threats, and stolen credentials. Are you? Yes, if John downloads an infected file of some sort, your up-to-date, signature-based anti-malware program will happily alert and ask you to quarantine the evil beasty that now lurks in the Downloads folder.
But what about the beasties you don't know about that have traversed some exploit in your firewall and are now pivoting throughout your network using command-line utilities and PowerShell to snag your data, plant crypto mining software, and provide you with some intriguing new ransomware? And all of it looks like normal activity to your anti-malware suite. This isn't FUD, my friends, it's real. Once you've been through such a breach, it's hard to sleep at night knowing that your network is vulnerable, unwatched for at least 12 hours a day, and probably compromised so badly and so stealthily that you won't be able to find that you've been compromised for an average of 191 days (according to a 2017 Ponemon Institute survey [1]). It takes an additional 60+ days to remediate that compromise that took more than six months to find.
The answer, my friend, is flowing in the cloud. OK, so that was a poor attempt at ripping off an old Bob Dylan song, but the sentiment is honest. The cloud has unlimited resources to throw at finding, detecting, and thwarting threat actors without compromising your network security in the process – and at a commoditized cost to you. If you don't believe me, price out your own infrastructure, trained security personnel, expensive training, and vast amounts of storage to do what could be used as a service. I compare it to producing your own electricity vs. tapping into the grid. Most of us choose the grid, and all you need to engage one of the cloud security (SECaaS) companies to assist you is … ummm, uh … OK, sorry about this – a signature.
Ken Hess * ADMIN Senior Editor
Infos
[1] 2017 Cost of Data Breach Study, Ponemon Institute, pg. 3: https://info.resilientsystems.com/hubfs/IBM_Resilient_Branded_Content/White_Papers/2017_Global_CODB_Report_Final.pdf