No cloud implementation – in any business unit at any company – is perfect. That’s a given. IT administrators, directors, and CIOs have always been forced to make compromises between convenience, cost, and security.
Everyone values efficiency and simplicity, which is why thousands of technology startups and established companies have been “disrupting” the old way of doing business with new solutions for long-standing challenges.
You are probably using a hybrid cloud. Even for the smallest companies, the litmus test is pretty simple: do you keep some data on a shared drive that's exclusive to your company, and other data on an online cloud storage platform like Dropbox? If so, then congratulations, you're a hybrid cloud user.
“History doesn’t repeat itself,” the great old orator and writer Mark Twain once said, “But it does rhyme.”
Although everything happening now is inherently new, older eras of civilization can tell us a lot about ourselves and even give us insight into where to go next.
When you move to cloud storage, does governance carry over? How do you make sure that your employees won't use it to compromise critical data? We've seen the challenge of securing cloud storage first-hand: Box, Dropbox, and OneDrive have all been used, or misused, in data breaches.
So, how do you move to the future of storage and communication while still keeping security intact?
There are a lot of talented people in our industry. We thought it would be a good idea to interview them for our blog and find out their thoughts and opinions on key industry issues.
Our first interview is with Andrew Hay, CISO of DataGravity. With over 15 years of data security experience in various roles inside organizations as well as advising them, Andrew is responsible for the development and delivery of DataGravity's comprehensive data security strategy. Prior to DataGravity, Andrew was the director of research at OpenDNS (acquired by Cisco) and the director of applied security research and chief evangelist at CloudPassage. He also previously served as a senior security analyst for 451 Research’s enterprise security practice (ESP). Andrew draws on his data security expertise to share commentary and thought leadership about the industry, having published a series of playbooks, guides and articles in trade publications. His thought leadership and security expertise have been recognized by the SANS Institute, IT Knowledge Exchange, CEOWorld, as well as other organizations.
1. What percentage of attacks do you think are targeting the theft of data?
That's a very difficult question to answer as there are so many variables influencing the value of the data and the lack of security controls protecting the data.
Cloud storage is the new USB drive (which is the new floppy disk) with regard to the ability of an insider to surreptitiously transfer sensitive data outside of their organization. As all of the popular cloud storage platforms utilize SSL, there are very few inspection capabilities available at the network level; though one might argue that if the data is already in flight, you've already lost the ability to prevent it from leaving.
Port scanning is often a probing precursor to a potential attack as a way to see how soft the target is. Port scanning should be treated as an early warning indicator but not as a definitive sign of an active attack.
That is a battle that has been around since the dawn of networks. I believe that we should follow a zero-trust model and only allow communications through our firewall that we know serve a business purpose. This would dramatically reduce our attackable surface area.
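The three answers above each describe something a defender can still check from network metadata even when TLS hides the payload: the volume of bytes sent to cloud storage hosts, one source touching many ports on one host in a short window, and flows that a default-deny, business-justified policy would not have permitted. The Python below is added here as an illustration; it is not code from DataGravity or from the interview. It runs all three checks over a constructed log in a hypothetical firewall/proxy format, and the addresses, hostnames, byte counts, thresholds and the `EGRESS_POLICY` rules are all assumptions made for the example. The `sni` field is usable because a TLS 1.2 ClientHello carries the server name in the clear; where Encrypted Client Hello is deployed that field is no longer visible and only destination address and byte counts remain.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Hypothetical log format assumed for this example, one flow per line:
#   <ISO timestamp> <ALLOW|DENY> <tcp|udp> <src>:<sport> -> <dst>:<dport> bytes_out=<n> sni=<host or ->
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) (?P<proto>tcp|udp) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"bytes_out=(?P<bytes_out>\d+) sni=(?P<sni>\S+)$"
)

# Constructed sample traffic (TEST-NET addresses; hosts and sizes are made up).
BASE_LINES = """\
2016-03-01T09:00:01 ALLOW tcp 10.1.1.25:51002 -> 203.0.113.10:443 bytes_out=4096 sni=mail.example.com
2016-03-01T09:00:05 ALLOW tcp 10.1.1.25:51003 -> 203.0.113.20:443 bytes_out=90000000 sni=dropbox.com
2016-03-01T09:00:40 ALLOW tcp 10.1.1.25:51004 -> 203.0.113.20:443 bytes_out=80000000 sni=dropbox.com
2016-03-01T09:01:00 ALLOW udp 10.1.1.25:40000 -> 10.1.0.53:53 bytes_out=60 sni=-
2016-03-01T09:02:00 ALLOW tcp 10.1.1.40:52000 -> 203.0.113.9:8080 bytes_out=512 sni=-"""
# Constructed probe: one external host touching twelve ports on one server in twelve seconds.
SCAN_LINES = "\n".join(
    f"2016-03-01T09:05:{i:02d} DENY tcp 198.51.100.7:4{i:04d} -> 10.1.1.10:{p} bytes_out=0 sni=-"
    for i, p in enumerate([21, 22, 23, 25, 80, 110, 135, 139, 443, 445, 3389, 8080])
)
SAMPLE_LOG = BASE_LINES + "\n" + SCAN_LINES


def parse_log(text):
    """Parse the constructed format into dicts; lines that do not match are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        r = m.groupdict()
        r["ts"] = datetime.fromisoformat(r["ts"])
        r["dport"] = int(r["dport"])
        r["bytes_out"] = int(r["bytes_out"])
        records.append(r)
    return records


def detect_port_scans(records, window=timedelta(seconds=60), min_ports=10):
    """Early-warning heuristic: one source reaching many distinct ports on one host within a window.

    Returns {(src, dst): distinct_port_count}. Thresholds are assumptions; tune to your network."""
    by_pair = defaultdict(list)
    for r in records:
        by_pair[(r["src"], r["dst"])].append(r)
    alerts = {}
    for (src, dst), flows in by_pair.items():
        flows.sort(key=lambda r: r["ts"])
        for i, first in enumerate(flows):
            ports = {r["dport"] for r in flows[i:] if r["ts"] - first["ts"] <= window}
            if len(ports) >= min_ports:
                alerts[(src, dst)] = len(ports)
                break
    return alerts


# Hypothetical zero-trust allow-list: every permitted flow carries a business reason.
EGRESS_POLICY = [
    {"proto": "tcp", "dport": 443, "sni": "mail.example.com", "reason": "corporate mail"},
    {"proto": "tcp", "dport": 443, "sni": "crm.example.net", "reason": "CRM SaaS"},
    {"proto": "udp", "dport": 53, "dst": "10.1.0.53", "reason": "internal resolver"},
]


def evaluate_egress(records, policy=EGRESS_POLICY):
    """Default deny: audit what the firewall currently ALLOWs against the justified allow-list.

    A flow passes only if some rule matches every field that rule specifies."""
    unapproved = []
    for r in records:
        if r["action"] != "ALLOW":
            continue
        for rule in policy:
            if all(r.get(k) == v for k, v in rule.items() if k != "reason"):
                break
        else:
            unapproved.append((r["src"], r["dst"], r["dport"], r["sni"]))
    return unapproved


# The hosts the article names; TLS hides the file contents but not where bytes went or how many.
CLOUD_STORAGE_HOSTS = {"dropbox.com", "box.com", "onedrive.live.com"}


def detect_bulk_cloud_uploads(records, threshold_bytes=100 * 1024 * 1024):
    """Sum bytes_out per (src, sni) to a cloud storage host; flag totals over the threshold."""
    totals = defaultdict(int)
    for r in records:
        if r["sni"] in CLOUD_STORAGE_HOSTS:
            totals[(r["src"], r["sni"])] += r["bytes_out"]
    return {k: v for k, v in totals.items() if v >= threshold_bytes}


RECORDS = parse_log(SAMPLE_LOG)

if __name__ == "__main__":
    print("port scans:", detect_port_scans(RECORDS))
    print("allowed flows outside policy:", evaluate_egress(RECORDS))
    print("bulk uploads to cloud storage:", detect_bulk_cloud_uploads(RECORDS))
```

Two design points match the interview's caveats. The scan detector is scored per (source, destination) pair and only ever produces an indicator, not a verdict, so its output belongs in a watch list rather than an auto-block. The egress audit is run against flows the firewall already allowed: the gap between that list and `EGRESS_POLICY` is exactly the attackable surface the zero-trust model is meant to remove, and each rule's `reason` is what you would take to the business owner before closing it.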