By Kim Del Fierro
The number of cloud users is steadily growing. According to Statista, in 2018 there are 3.6 billion consumer cloud-based service users, which is a significant jump from 2.4 billion users in 2013. Businesses are starting to rely more on cloud-based services as well. Public cloud offered by third-party providers such as Dropbox is the go-to solution for many companies, but there’s also the route of private cloud, used mostly by large enterprises who have the resources to operate it.
Another solution is gaining popularity by combining the best of those two worlds: the hybrid cloud. 90% of organizations will move to hybrid cloud infrastructure by 2020 according to Gartner. However, despite being an attractive solution for organizations of all sizes, hybrid cloud also poses more security challenges. Let’s have a look at some of them:
Understanding Shared Responsibility
The first and foremost challenge of securing the hybrid cloud is the end user’s mindset. It’s not uncommon for the burden of security to fall onto the cloud service provider, and that’s what can lead to lax security on the part of the organization.
However, cloud security responsibilities don’t stop with the service provider. Instead, organizations need to acknowledge that maintaining cloud security is a shared responsibility between them and the provider. Of course, the provider is responsible for the safety of the infrastructure, but the ones responsible for securing the data are the organizations. This essentially means that organizations need to make sure they have the proper practices in place to do it. From encrypting the data to implementing their access policies and regularly updating and monitoring the software, organizations still need to be proactive.
Preventing Cloud Threats
As being a combination of public and private cloud functionalities, a hybrid cloud can have many different ways of operating. It also faces a myriad of various threats, and some of them are not cloud-specific. Unfortunately, hybrid cloud security can be compromised through man-in-the-middle attacks, as well as ransomware, BEC (Business Email Compromise) and malware attacks, among other threats.
It is why it’s crucial for organizations to have the proper defense in place against these threats. Data breaches can have serious consequences, and a vast majority of them start with phishing attacks. Phishing can be the vector of attack of any of the above-mentioned common threats to cloud security. How can organizations protect themselves from attacks that target the weakest link of any security systems — humans?
Acquiring Phishing Protection
The obvious answer would be an anti-phishing solution. Organizations cannot afford to overlook phishing as the most prevalent cause of data breaches that cost organizations $5.3 billion in losses last year. Area 1 Horizon provides the necessary protection by utilizing preemptive technologies to discover, detect and take action against phishing threats. That way, they don’t even reach you. Instead, they’re neutralized before they can jeopardize the safety of the data stored within the cloud.
Hybrid cloud faces security challenges like any other fast-expanding popular technology. With some care, proper planning, and prevention, you can keep your cloud security on a high level. Neutralizing phishing attacks is a big part of cybersecurity, owing to their prevalence. Visit our website for more information on how we put a stop to phishing attacks and keep your organization safe.
Kim Del Fierro is VP of Marketing for Area 1 Security.