Deployment During the Pandemic

Deployment During the Pandemic

Securing cloud services, adoption has been growing steadily

Prior to the COVID-19 pandemic, the rate of cloud adoption was growing steadily. Since March, however, when “shelter-in-place” orders began sweeping the nation, we’ve seen cloud computing usage skyrocket.

The Global Growth Rate
According to recent research from Marketc and Markets, “the global impact of COVID-19 on cloud market size is expected to grow from $233 billion in 2019 to $295 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 12.5 percent during the forecast period.”

The exponential uptick in cloud services is due to widespread “work-at-home” requirements, which hit the business world practically overnight. For organizations where employees already used work-issued laptops and IT teams incorporated virtual machines and cloud services into upgraded infrastructure, moving to a fully remote workforce was a relatively seamless transition. But, this wasn’t the experience for the majority of companies. Quite the contrary, as a matter of fact.

Many employees use desktop computers rather than laptops, so many companies were faced with a decision: Send employees home with their desktop machines, or allow them to use personal devices to log in to corporate networks and applications hosted in the cloud. With the latter being the only logical option for many companies, organizations were forced to fast-track long-term cloud projects. In fact, a May 2020 global survey conducted by MariaDB, found that 40 percent of respondents are accelerating their move to the cloud due to COVID-19.

IT teams worked tirelessly to roll out cloud services as quickly as possible to get the business up and running remotely. Cloud projects that would typically take months to complete were executed in a matter of days or weeks. And, as is so often the case with hurried technology deployments, the quest for “instant uptime” relegated security to an afterthought.

Let the Security Evaluations Begin
Now that we’re a few months into the work-at-home movement and most hiccups in remote business operations have been ironed out, IT security teams will spend Q3 and Q4 evaluating the security of the cloud services they so hurriedly deployed earlier this year. And this is an important exercise to complete, especially as hackers continue to target remote employees and businesses prepare for a potential second wave of COVID-19 that could keep the majority of employees at home through year’s end and beyond.

While the cloud is easy to consume from an end user perspective, cloud security can be complex to manage. In an effort to simplify things, here are five areas to prioritize in your cloud security evaluations.

Understand the shared responsibility model. One of the most common misperceptions about the cloud is that security is owned solely by the cloud service provider (CSP). This simply isn’t the case. Security of the cloud and security in the cloud are two very different things.

While the CSP is certainly accountable for some aspects of security, cloud users have responsibilities, too. And these responsibilities vary depending on the cloud service model in use – Software as a Service, Platform as a Service or Infrastructure as a Service.

The first step to properly evaluating the security of your cloud applications and services is to determine exactly what you are responsible for securing, and what your CSP should handle. With that baseline understanding, you can then focus your time, effort and budget on the appropriate aspects of cloud security.

Refine access privileges. In the rush to the work-at-home reality, many IT teams rolled out broad access privileges to employees – but this isn’t a secure approach. Giving employees access to corporate data, networks and systems beyond what they need to perform their job responsibilities increases the risk of insider threats and compliance violations.

To mitigate risks associated with excessive privileges, refine access controls based on user responsibilities and adopt a least-privileged-access strategy, which gives employees only the access they need to successfully perform their jobs – and nothing more.

Remediate misconfigurations. Cloud misconfigurations remain one of the top causes of data breaches. According to a June 2020 IDC survey of 300 CISOs, misconfigurations topped the list of concerns related to cloud production environments.

But how do you know if misconfigurations exist within your environment? Rely on scanning tools, which can analyze your environment to identify misconfigurations (open buckets or unencrypted data, for example) and provide the associated level of criticality – in other words, how the misconfiguration could impact security or compliance.

Once you have this visibility into your environment – such as an accurate understanding of the misconfigurations that exist and the level of risk it poses to your business – you can take the proper steps to remediate the errors and reduce associated security and compliance risks.

To put it simply, you have to understand the current state of your infrastructure to successfully build the future state.

Adopt automation. To keep up with the dynamic nature of the cloud, you need automation. Cloud capabilities, features and solution sets change so fast that managing security manually is extremely difficult, if not impossible.

Automating the security lifecycle – from programming, to threat detection, to remediation – builds security policies and guardrails into cloud systems, processes and technologies from the start. Not only does this “security by design” strategy strengthen your overall security posture, it also enables policies and guardrails to automatically adapt alongside cloud evolutions.

And, as an added bonus, with automation, you can unite all previously siloed business stakeholders (e.g., security, business, compliance, DevOps and finance teams) under a consistent security strategy, so everyone is working toward a common security goal.

Implement analytics. Over the past five years, organizations have spent a good deal of IT resources and budget on SIEM tools. And, when paired with analytics solutions, SIEM technology provides valuable security data that IT teams can use to quickly detect and remediate threats.

What we’re seeing today, however, is that many IT teams are collecting event logs issued into their SIEM and other security point solutions, but they don’t have analytics tools in place to turn the raw data into meaningful insights.

All SIEM data (e.g., cloud event logs) should be centralized. From there, you can enrich the data based on parameters, build data models, and work on getting full visibility and observability, as well as build data vulnerability management programs, and fraud, security or compliance use cases. For example, you might want to mine payer data for payment fraud, isolate social media chatter to detect potential threats, or search for exposed customer data that would result in a compliance violation.

Without the analytics piece, SIEM data provides little value with high noise. When the two technologies work in concert, however, you can significantly enhance your security and compliance posture in the cloud and across all IT environments.

Cloud security can be a daunting concept, but breaking it down into various initiatives that you can tackle one at a time based on criticality can help kickstart the process and make it more manageable.

With businesses over the initial shock of “instant work-from-home,” now is the time to evaluate and strengthen your cloud security. That way, if a second wave of COVID-19 forces another widespread work-at-home mandate, you can rest assured that employees will not only be up and running, but up and running securely. And, more importantly, you’ll have an iron-clad security strategy to protect your employees, your data and your business, regardless of what’s happening in the world around you.

Joe Vadakkan is the global cloud security leader at Optiv Security.

Featured

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

  • Deploying in a Hybrid, Cloud Environment

    The way organizations manage access control is evolving. Traditional on-premises systems come with high IT and server requirements. At the same time, fully cloud-based solutions may not meet the needs of every facility. Read Now

  • Facing Facts for Facilities

    Despite the proliferation of constantly evolving security solutions, there remains a troubling trend among many facility operators who often neglect the most important security assets within their organization. Keys and shared devices like radios, laptops and tablets are crucial to successful operations, yet many operators are managing them haphazardly through outdated storage systems like pegboards and notebooks. Read Now

  • Report Reveals Security Training Reduces Global Phishing Click Rates by 86%

    KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, today launched its “Phishing by Industry Benchmarking Report 2025” which measures an organization’s Phish-prone Percentage (PPP) — the percentage of employees likely to fall for social engineering or phishing attacks, indicating the organization’s overall susceptibility to phishing threats. This year’s report found a global average baseline PPP of 33.1%, meaning a third of employees interact with phishing simulations before taking part in best-practice security awareness training (SAT).COVER 2025-PIB-NA-Report_EN-US Read Now

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.