123ArticleOnline Logo
Welcome to 123ArticleOnline.com!

ALL >> Computer-Programming >> View Article

In Wake Of Target Breach, Firms Focus On Cloud Security

By Author: skyhighnetworks
Total Articles: 54

After a massive breach involving millions of customer credit cards, Target and the government are investigating what went wrong. What’s clear is that cyber criminals are using increasingly sophisticated attacks against valuable assets, and one of their main targets is the cloud. “As more companies store their data in the cloud, attackers are looking for one stop shopping for sensitive data,” according to Jason Ejuma, Director of Cybersecurity at Google.

When thousands of companies store data in one place, it makes an attractive target for criminals looking to amplify the rewards of a successful attack. Rather than just one company’s data, they now have access to thousands.

Cyber criminals are adapting their tactics to take advantage of the growth in cloud usage, leverage Cloud Security services for a variety of different types of attacks. Watering hole attacks take advantage of tracking services that track users as they surf the web to find vulnerabilities and plant malware. These tracking services offer no business value to the company being tracked, and are a security risk if left unmanaged. While the vector of attack is a website, the cloud is an integral part of way the attack works.

In some cases malware can be delivered directly from a cloud service. Open source code repositories are experiencing increases in malware being inserted into code that is then downloaded by unsuspecting developers with the risk of it making its way into their own company’s products and services. IT security teams need new tools and approaches to identify threats that exploit tracking services and open source code repositories so they can take appropriate steps to secure the organization and its data once a attack or malware infection has been identified.

The cloud can also be a vector of data theft. Malware can exfiltrate data from your company into a cloud service. For instance, using Skyhigh one company found a single IP address at the company sent over 100,000 tweets in a single day. Upon closer inspection, they found the computer was infected with malware that was exfiltration data 140 characters at a time. It can be difficult to separate typical activity, say a marketing team using Twitter, and a bot that is stealing valuable data. That’s where baselining and anomaly detection come into play. By developing behavioral baselines IT can quickly identify when a security breach occurs.

Employees are voting with their feet by choosing to adopt technology that helps them be more productive and grow the business. In a sense, they’re crowdsourcing the selection process for new technology and providing an enormous service to the IT department by selecting services that they will like to use. Instead of going through lengthy procurement processes that may end up selecting a technology that doesn’t work for the business, IT has an opportunity to partner with the business and enable and secure the Cloud Security services that are already in use.

Once companies have visibility into what cloud services are in use and the enterprise readiness of those services, they can then go and enable the ones that make sense. That can include consolidating multiple services onto 1-2 low risk services using enterprises licenses, which not only improves collaboration but also reduces cost with volume pricing. Companies are blocking fewer low risk cloud services and instead are embracing them. For instance, a company using 39 different file sharing services standardized on Box – and in doing so improved collaboration and reduced their overall risk and cost.

Author :
Skyhigh Networks, the Cloud Security Services company, enables companies to embrace Cloud Security Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com/ or follow us on Twitter@skyhighnetworks.

Total Views: 104Word Count: 680See All articles From Author

Computer Programming Articles

1. A Manual For Automation Testing Frameworks
Author: Siyaram Ray

2. Php Advantages And Its Particular Reference To Seo Services
Author: Rohit Sharma

3. 4 Reasons To Learn Javascript
Author: priya

4. Kunsh Technologies - Outsource Web Development Company
Author: Darshan Shah

5. Ui Test Automation Best Practices You Should Follow
Author: Siyaram Ray

6. Send Bulk Sms Gateway Api
Author: I am associated with msgclub as a business development executive and like to know more about BULK SM

7. Php Framework Inbuilt Capacities For Developers.
Author: Infocampus logics pvt ltd

8. Full Stack Developer Training In Bangalore
Author: rpahome

9. Android App Development Course In Mumbai
Author: prashant

10. Learn Selenium – Some Useful Hints
Author: Siyaram Ray

11. Importance Of Selenium Training With Java In Bangalore
Author: Siyaram Ray

12. Detail Portrayal About Java Collections
Author: There are huge number of institutes for Java in B

13. Selenium For Automated Website Testing
Author: Siyaram Ray

14. 10 Steps To Become An Outstanding Java Developer
Author: The Best Institute to Learn Java Training in Banga

15. New Planet Defender Game
Author: Planet Defender Game

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: