IT PARK
    Most Popular

    GPT-4 will allow users to customize the "personality" of the AI, making the avatar a real "person"

    Aug 14, 2023

    Uncover 10 big data myths

    Sep 02, 2023

    What is the connection between blockchain and Web 3.0?

    Sep 28, 2023

    IT PARK IT PARK

    • Home
    • Encyclopedia

      What is brute force cracking?

      Oct 01, 2023

      What is the reason for the computer card? How to deal with the computer card?

      Sep 30, 2023

      Which is better, laptop, desktop or all-in-one

      Sep 29, 2023

      icloud space is always insufficient to do

      Sep 28, 2023

      What is the difference between the Guid format and MBR format for computer hard drive partitioning?

      Sep 27, 2023
    • AI

      What are the young people interacting with Japan's "Buddhist AI" seeking and escaping from?

      Oct 01, 2023

      Nvidia Announces GH200 Superchip, Most Powerful AI Chip, to Accelerate Generative AI Workloads

      Sep 30, 2023

      Google has categorized 6 real-world AI attacks to prepare for immediately

      Sep 29, 2023

      Samsung considers replacing Google search with Bing AI on devices

      Sep 28, 2023

      Generative AI designs unnatural proteins

      Sep 27, 2023
    • Big Data

      What are the misconceptions in data governance in the digital age?

      Oct 01, 2023

      What is a data warehouse? Why a Data Warehouse?

      Sep 30, 2023

      What is Data Governance? Why do organizations need to do data governance?

      Sep 29, 2023

      Winning Business Excellence with Data Analytics

      Sep 28, 2023

      Has the development of big data come to an end?

      Sep 27, 2023
    • CLO

      How to Reduce the Risk of Cloud Native Applications?

      Oct 01, 2023

      How should the edge and the cloud work together?

      Sep 30, 2023

      Last-generation firewalls won't meet cloud demands

      Sep 29, 2023

      Healthcare Explores Cloud Computing Market: Security Concerns Raise, Multi-Party Collaboration Urgently Needed

      Sep 28, 2023

      Remote work and cloud computing create a variety of endpoint security issues

      Sep 27, 2023
    • IoT

      Berlin showcases smart city innovations

      Oct 01, 2023

      IoT solutions lay the foundation for more effective data-driven policing

      Sep 30, 2023

      CO2 reductions won't happen without digital technology

      Sep 29, 2023

      4 Effective Ways the Internet of Things Can Help with Disaster Management

      Sep 28, 2023

      6 Ways the Internet of Things Can Improve the Lives of Animals

      Sep 27, 2023
    • Blockchain

      Which is better for the logistics industry and blockchain

      Oct 01, 2023

      Will blockchain revolutionize the gaming industry?

      Sep 30, 2023

      How do you make a blockchain investment?

      Sep 29, 2023

      What is the connection between blockchain and Web 3.0?

      Sep 28, 2023

      Canon Launches Ethernet Photo NFT Marketplace Cadabra

      Sep 27, 2023
    IT PARK
    Home » CLO » Is the enterprise ready to protect its cloud computing?
    CLO

    Is the enterprise ready to protect its cloud computing?

    As more and more enterprises transfer their business to the cloud platform, it is crucial to understand the most common and dangerous cloud security risks and how to maintain protection.
    Updated: Aug 27, 2023
    Is the enterprise ready to protect its cloud computing?

    The benefits of cloud computing service provision are obvious: they are an efficient and affordable way to expand business operations and enable enterprise employees to maintain productivity anywhere. However, even with so many benefits, many enterprises are not prepared for the risks brought by cloud computing services.

    Because enterprise data resides in dozens of cloud applications, and users access valuable enterprise resources through uncontrolled endpoints and networks, the security environment is more complex than ever.

    No wonder a recent survey found that only 27% of respondents expressed confidence in their handling of cloud security alert data, and 92% said they needed to improve cloud security skills. If these data ring the alarm bell, they should indeed ring. Facts show that most enterprises are vulnerable to cloud security threats.

    Although cloud computing brings a lot of risks, the following summarizes five areas that may pose the greatest threat to enterprises.

    1. Incorrect configuration may lead to data leakage

    Although cloud computing has great flexibility, it can also create complex systems, leading to configuration errors. These are not trivial matters. They are the main causes of network attacks in 2020, resulting in an average loss of $4.41 million.

    Due to the disjointed nature of cloud service deployment, enterprises are forced to manage their own patchwork systems with their own strategies, functions and requirements. When new security vulnerabilities occur, enterprises usually deploy special products to protect the data in these applications. But this actually increases the burden on the enterprise's IT and security teams, because they now need to handle multiple security products at the same time. For the most confident security professionals, this is a difficult balance to achieve, which may leave a visibility gap for enterprises, leading to data leakage and avoidable infrastructure exposure.

    1. The existing access management methods are insufficient

    Cloud applications bring a large number of users, terminals and networks. To ensure that business operations continue securely, enterprises need a way to effectively manage all these identities.

    One approach is single sign on (SSO), which helps reduce this complexity by granting users access to the application when the application provides the correct, hardened authentication. However, this is a binary solution that users can access if they provide the correct password or authentication. Without considering other factors related to access, such as user behavior or endpoint health, single sign on (SSO) cannot provide any protection for data. This may be a problem because once users enter the infrastructure, their operations will not be monitored.

    Similarly, virtual private networks (VPNs) provide basic protection for internal assets, but lack any additional monitoring capabilities. In addition, they provide network wide access, which means that if an account is destroyed, the threat actor can easily move horizontally and destroy the victim's data.

    1. Physical Methods in the Digital Age

    Enterprises are used to deploying independent device based security tools to protect data and monitor abnormal activities. This works when all user entities reside within the boundary. But now it has been operated in the cloud, with a new set of requirements.

    Device based point products are not built for cloud computing environments. When enterprise data is in various cloud services and your users connect from anywhere, these traditional tools lose the visibility and control they once had. In essence, they are also deployed as independent tools, which means that they cannot integrate well with each other and create inefficient workflows, which may leave security vulnerabilities, even for activities occurring in the enterprise network. For example, the internal Data Loss Prevention (DLP) tool for discovering data does not always work with the Secure Web Gateway (SWG) to prevent data from leaking to the Internet.

    1. Lack of network security talents

    In addition to the deployed tools, one of the major challenges faced by enterprises is the lack of skilled network security professionals, especially in the aspects related to cloud computing. According to a survey conducted in 2020, only 27% of enterprises are confident in their ability to solve cloud security alerts, and 84% of enterprises say they need more employees to narrow the gap.

    Independent tools can lead to inefficient and safe operations. If products do not work well with each other, additional management tasks will be required, which will bring additional pressure to enterprises that are already understaffed. This provides space for human error, which may have a negative impact on the ability of enterprises to retain talents.

    1. Emerging modern threats

    The threats faced by enterprises are very different from those when everything is within the scope of the company. For example, the Internet is now the default network for users. This means that employees can easily use unapproved applications, whether personal versions of enterprise applications such as Google Workspace or other applications not approved by the it department, to process sensitive enterprise data.

    In addition to leaking data through the Internet, a new generation of malware, such as ransomware. These threats can be easily spread through phishing, not only through email inboxes, but also through a large number of cloud computing and mobile applications, which exceeds the monitoring capabilities of traditional security tools.

    Aggregation capability, let automation play a leading role

    Instead of relying on the manual labor of security professionals, enterprises need to consider a unified security approach, in which data and automation play a leading role. When an enterprise uses a cloud delivered security platform that integrates IT and security operations, rather than a boundary based strategy to purchase independent products, it can relieve some of the pressure on the security team.

    With a centralized view of the enterprise, you can ensure that misconfigurations are corrected quickly. Enterprises can also implement adaptive policies that go beyond binary "yes no" decisions and grant users granular access based on the zero trust principle.

    The unified cloud delivery platform has rich telemetry functions for users, terminals, applications and data. This will provide enterprises with cloud computing and storage capabilities to ensure that threats are mitigated and data security is automated. All these functions work together to ensure that the enterprise's security team is ready to deal with the new risks and challenges they will encounter in cloud computing. ​

    cloud computing business cloud platform
    Previous Article How to prove you're human in the AI jungle?
    Next Article Six big data mistakes that enterprises should avoid

    Related Articles

    CLO

    The shift of ERP to cloud computing requires ERP channels to adapt

    Aug 25, 2023
    CLO

    To make more environmentally friendly use of the cloud IT infrastructure, start with these aspects

    Aug 31, 2023
    CLO

    Remote work and cloud computing create a variety of endpoint security issues

    Sep 27, 2023
    Most Popular

    GPT-4 will allow users to customize the "personality" of the AI, making the avatar a real "person"

    Aug 14, 2023

    Uncover 10 big data myths

    Sep 02, 2023

    What is the connection between blockchain and Web 3.0?

    Sep 28, 2023
    Copyright © 2023 itheroe.com. All rights reserved. User Agreement | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.