What should I pay attention to when using SaaS for intrusion defense?

What should I pay attention to when using SaaS for intrusion defense?

Security is a major concern for companies that consider cloud deployment. However, many cloud security problems are self-defeating.

2014, known as the year of leaks, is known for large-scale hacker attacks. Sony, Target, Home Depot, and JP Morgan are on the victim list. When many IT professionals repeatedly direct the problem to the cloud, the assistance of moles or the carelessness of access control is the real culprit. These security problems have existed in IT for many years, but the cloud and the fear that once data is put out of the firewall, IT will lose control, and once again highlight these problems.

Using Cloud and burden-reduction IT systems puts security concerns at the forefront and is changing IT security practices and tools globally. If the cloud is safe, local operations will be safer.

Although security is still a common IT problem, cloud security problems prevent potential deployment. While most IT teams cite security as a stumbling block to cloud deployment, privacy regulations are often the main reason why many people keep their data locally. This gave rise to a hybrid cloud model where locally deployed facilities can work with the public cloud to maintain data storage. However, major cloud providers do not currently support this method. In this form of co-hosting, hosting services can produce higher fees than Amazon Web Services. However, common management provides a LAN network speed for connections between the cloud and the cloud, greatly reducing the number of public cloud instances and the number of job operations.

To ensure cloud security, it is necessary to properly use authentication and login control. This should be as easy as protecting locally deployed data, but the low cost and low threshold of the cloud have led to explosive growth of computing at the department level. Countless studies have shown that a significant part of a company's IT footprint is beyond the control of the IT department. This is especially true for HR tools and marketing applications, such as Salesforce.com hosted on the cloud.

Bringing your own device (BYOD) makes it even easier to download and upload important company data. For example, if an employee allows LinkedIn to search for their Outlook Address Book, the company's sensitive data will be leaked.

In 2015, the IT department will continue to struggle with these Department-level computing and BYOD problems. To restrict these problems, the Organization must implement identity management and add authentication. Blocking bad guys is a good start. According to the report of the cloud security alliance, nearly 2014 of user passwords were stolen in 15%. The cloud security alliance also identified a series of internal problems, from downloading the customer list or developing code when leaving the company to uploading personal or sales data to social media.

To solve these problems, many organizations use data division methods. However, the implementation is usually poor. Because the security of NAS servers is usually very poor, employees can access all network attached storage (NAS) data in a department or the entire enterprise.

Intrusion defense: SaaS considerations in 2015

In September 2015, intrusion defense will focus on terminal detection and mobile device management. It is necessary to prevent downloading and uploading, and everything starts from the server. With the development of intrusion defense, new services will rise in this year. It is technically feasible to prevent downloading information by locking the browser, so it is also feasible to use a pure browser-based enterprise data access mechanism.

 

However, a browser-based mechanism cannot solve the Department's computing problems. In addition, these problems are out of control in most organizations. Many administrators try to command their suppliers, and most of the responses are: Flash! The best way is to work together to determine the needs. Then, an application is provided through a local app store. In this way, the problem of negotiation and technical support is solved while a better price is introduced. It also controls the unordered expansion of applications.

 

If necessary, it is also possible to disable some applications. Similarly, prevent the upload of company files by blocking the download. This process is easy for local applications, but it is difficult for software as a service (SaaS) applications on the cloud.

SaaS has become the path to minimize the resistance to more agile business processes. Low price, without approval of capital expenditures in the early stage. However, implementing company management standards in SaaS environments is a big problem, especially after a department-level agreement has been signed. Remember, SaaS vendors mainly operate on the public cloud, so there is a second level of management issues.

A good app store can associate the SaaS contract with the vendor through proper supervision, but the Department's SaaS is where the CEO needs to establish negotiation rules. Requiring IT personnel to sign a statement that complies with the audit before the agreement may achieve the desired results.

When it comes to enhanced security, the cloud has a great advantage over the local environment. The scale of cloud installation creates a lower average security cost for each user for cloud providers. Ensuring standards and data management remains a challenge for any public or hybrid cloud users. However, in a world full of hackers, implementing a successful cloud plan is an inevitable premise, even if the protection of local services has a high priority on the list.