Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along with a steady stream of well-publicized data breaches, only add to the uncertainty.
In his session at 16th Cloud Expo, Denny Heaberlin, Security Product Manager with Windstream's Cloud and Data Center Marketing team, discussed how to manage these concerns and how choose the right cloud vendor, an essential part of any cloud strategy.
5. COMPLETE SECURITY PORTFOLIO
Managed Firewall
Operating System
Hardening
Intrusion Detection DDoS Mitigation
Log Management Web Application Firewall
Threat Management Vulnerability Scanning
Monitoring VPN Services
Multi-factor
Authentication
Physical Data Center
Security
Anti-virus / Anti-Malware
Services
Email Security
Global Load Balancing
Backed by policies and
procedures that adhere to
the CIA security policies
model, Windstream
custom delivers security
solutions designed to meet
your individual business
needs, including:
6.
7.
8.
9. Distributed Denial of Services Attacks – DDoS
3Gbps vs. 300Gbps
Data Breaches
2014 - Data breaches against major corporations, particularly retail
Shadow IT
FBI and Department of Homeland Security released a warning
SQL Injections
Unauthorized Database Access
TOP CYBER ATTACKS
10. CLOUD IS KEY FOR GROWTH
Oxford Economics conducted a national survey of 350 executives which shows that
cloud computing is fundamentally altering business processes and changing the
way organizations interact with customers, partners and employees
Most say cloud is a key to their innovation strategy and is part of the long-range vision in the
next two years
Geographic expansion and new lines of business are seen as key goals enabled by the cloud
Collaboration among business units and partners, innovation, improved customer service, time
to market and business agility are highly valued benefits of moving to the cloud
13. “Today, business is all about risk mitigation, transference, or acceptance. One of
the questions we have to constantly ask is whether we can lower our risk by
running an application in-house or in the cloud.”
– Kevin Buchanan, Director of IT Infrastructure at Randolph Hospital
CLOUD OR NO CLOUD?
15. INTERNET OF THINGS (IoT)
2003
2010 2015
By 2020 There Will
Be FIFTY Billion
Source: Cisco
DURING 2008, THE NUMBER OF THINGS CONNECTED TO
THE INTERNET EXCEEDED THE NUMBER OF PEOPLE ON
EARTH.
16. “Many items, including mundane things like light bulbs and door locks, are
being hooked up to the internet by putting tiny computers into them and
adding wireless connectivity.
The problem is that these computers do not have enough processing power
to handle antivirus and other defenses found on a PC. The margins on them
are wafer-thin, so manufacturers have little scope for spending on security.
And the systems are being produced in vast quantities, so hackers finding a
flaw in one will be able to get into many others too.”
- The Economist, A Special Report on
Cyber Security, July 12, 2014
19. CLOUD SECURITY IS DIFFERENT
“Decisions concerning the security of data
in the cloud has shifted from the IT room
to the boardroom, with 61% of companies
indicating that executives are now
involved in such decisions.”
Cloud Security Alliance, Cloud Security Alliance New Survey Finds Companies
are in the Dark on Shadow IT Usage, January 9, 2015
20. HOW TO CHOOSE THE
RIGHT CLOUD PROVIDER
Review your network
configuration as a team prior to
the implementation of a solution.
Find a provider with the expertise
needed to implement a network
security strategy.
Make sure the provider is PCI-
compliant and holds industry-
specific certifications.
Find a provider that offers
suggestions to complement your
existing network strategy.
Be sure the provider can meet or
exceed industry response times if
urgent issues arise.
Avoid downtime. Choose a provider
with cloud-based services that can
bear the burden of an attack.
Obtain the full spectrum of
monitoring and reporting in order to
develop and optimize your strategy.
21. KEY TAKEAWAYS
Companies must ensure that Security is a top component in your IT culture
Companies must build their IT frameworks around robust and
comprehensive security
Simply ensuring that only approved programs can run on your
organization’s systems, regularly patching all software, educating
employees about cyber-risks and constantly monitoring networks would
help keep most intruders out
It is not IF, it is WHEN, and it comes down to how quickly you can respond
Leadership needs to incorporate cybersecurity considerations into product,
customer, and location decisions
Deploy and enforce effective governance and reporting for all critical data
Companies must select vendors with security in mind