Caspar Herzberg |
This article first appeared in the Summer 2017 issue of The Record.
The cloud has become a pivotal part of many organisations’ collaboration efforts – and for good reason. It enables team members, wherever they are in the world, to work together in new ways, facilitating new levels of productivity and efficiency. But while the benefits of collaborating via the cloud are unprecedented, the move to a digital model brings with it security considerations that cannot be overlooked.
The shared responsibility model is universal among cloud providers: they ensure their infrastructure will be secure, but customers need to ensure whatever they do in the cloud is secure. In other words, both the cloud provider and the customers share in the responsibility of security.
This is critically important to understand when it comes to the latest attacks such as WannaCry, which impacted organisations in 150 countries including the NHS, FedEx, Renault and the Russian interior ministry. Microsoft can ensure that their Azure infrastructure is free from such ransomware, but if customers don’t protect themselves, they can introduce such ransomware into their own cloud deployments.
Cloud security ensures this malware won’t cross the cloud network to attack other cloud deployments – but that’s little comfort for the customer who’s just been hit with malware or an attack because they hadn’t taken proactive steps to harden their own cloud security.
There are a variety of best practices that organisations should follow in order to minimise their potential for becoming victims of phishing and ransomware. Among these best practices are implementing security awareness training, deploying systems that can detect and eliminate phishing and ransomware attempts, searching for and remediating security vulnerabilities in corporate systems, maintaining good backups and using good threat intelligence.
This need for enhanced security on the customer’s side of the shared responsibility model is what Barracuda addresses with its firewalls, which secure web-facing applications and networks – whether hybrid or fully in-the-cloud – from malware, ransomware and other attacks, while providing granular controls for managing access, traffic and reporting.
Having this type of solution in place will ensure that organisations are protected both now and in the future. At a time when both phishing and crypto ransomware are increasing at the rate of several hundred percent per quarter, a trend that Osterman Research believes will continue for at least the next 18 to 24 months, this is something that cannot be ignored.
Chris Hill is director of business development for the EMEA region at Barracuda. Visit www.barracuda.com/azure for more information