According to the 2020 Cloud Security Report, the highest ranking threat was misconfiguration, with 68% of companies citing this as their greatest concern (up from 62% the previous year). Misconfiguration takes place when a cloud-related system, tool, or asset is not configured properly, thus endangering the system and exposing it to a potential attack or data leak. This threat was followed by unauthorized access (58%), insecure interfaces (52%), and account hijacking (50%). As powerful and innovative as the cloud is, it’s also complex and ever changing. From a security standpoint, this creates lots of challenges and loopholes.
There’s no doubt that the cloud has the potential to be more secure than traditional on-premise solutions. The key word here is potential. Just because the cloud can be more secure, doesn’t mean businesses always enjoy greater protection when they make the shift.
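This has less to do with the cloud itself and more to do with how businesses and organizations handle security, management, and oversight. In other words, what matters is how you use the cloud. The infrastructure alone does not protect you from the dangers that exist in the cyber environment.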
The average cost of a data breach in today’s world amounts to $3.86 million (or $148 per compromised record). And that’s an international figure. The average cost in the United States is closer to $7.9 million.
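But guess what happens when an organization resolves a breach in 30 days or less? They tend to save roughly $1 million. And if the threat is thwarted altogether, well, that saves millions of dollars.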
Cloud security can seem resource-intensive and expensive, but not when you view it through the lens of these data points. It’s a cost-effective investment with astronomical ROI.
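As threats evolve and sophisticated new attacks emerge, it is more important than ever for businesses to embrace a security-first mindset. With that said, here are some of the biggest challenges we face this year, and how cloud security solutions can help your organization overcome them.
There is no concern more obvious than a data breach. It is something every organization pays attention to. Yet few have the proper resources and strategies in place to truly address it in a valuable way. That makes it a critical issue (and one that must be handled proactively and preventively).
Failing to handle data properly (through deliberate encryption) exposes your business to enormous compliance risk, not to mention data breach penalties, fines, and serious violations of customer trust. Regardless of what the service-level agreement (SLA) says, you are responsible for protecting your customer and employee data.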
It’s commonplace for organizations – particularly smaller and mid-size companies – to assume that they’re getting maximum protection simply by working with a cloud solutions provider. But there’s more to it than meets the eye.
Compliance goes beyond international and federal regulations. There are also industry mandates that must be addressed. Examples include EU data protection, PCI DSS, FISMA, GLBA, HIPAA, and FERPA.
The right cloud security solutions provide the technical capacity to abide by regulatory mandates, but there has to be regular oversight and granular attention to detail. Under the responsibility model, the cloud provider offers security of the cloud, while the end user provides security in the cloud.
According to the Cloud Security Alliance “Cloud Adoption Practices & Priorities Survey Report,” 34 percent of companies are currently avoiding the cloud because they don’t believe their IT and business managers have the knowledge and experience to handle the demands of cloud computing. This makes it one of the top-four concerns businesses have with regard to cloud security.
Today, the average enterprise has three to four clouds. This adds complexity and demands technical skill and relevant experience.
This speaks to a larger trend that we expect to see emerge in the coming months and years. Rather than just having managerial experience and financial literacy, IT and business managers will be required to bring technical cloud competency to the table. This doesn’t mean they’ll have to be cloud experts, but a basic understanding and the ability to lead targeted initiatives will become integral.
Cloud migration is happening in droves, but it has to be handled properly (otherwise, it exposes the business to unnecessary risk). According to one report, the four biggest challenges facing businesses are visibility into infrastructure security (43 percent), compliance (38 percent), setting security policies (35 percent), and security failing to keep up with the pace of change in applications (35 percent). As a result, security professionals and IT pros are feeling overwhelmed by everything that’s asked of them.
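A simpler, more straightforward migration strategy will help businesses manage this transition smoothly. Trying to do everything at once is a major mistake. The migration process should be broken into stages to reduce the risk of critical errors that could corrupt data and/or lead to vulnerabilities.
The difficult thing about the cloud is that there are so many different possible entry points for attacks. So while the attack surface may be smaller in totality, it’s much more fragmented. Perhaps this can be seen most clearly when it comes to micro-service architecture and the increasing trend around serverless functions.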
APIs are great, but you have to consider how they impact the larger system. Even if the cloud is technically safe and sound, intruders can hijack data by hacking into less-secure APIs. This is problematic! The proper cloud security solutions can help you carefully vet each application to protect against weak points like these.
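Trusting your employees is good business practice. Unfortunately, many businesses take that trust too far, or fail to vet the drivers behind their trust on the front end.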
According to research from Intel, insider threats are responsible for an incredible 43 percent of all breaches. Half are intentional and half are accidental.
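More specifically, businesses need to think about access management and limit who can access what, and when. Access to cloud applications and data sources should be granted on an as-needed basis. No one should have more access than is required to complete their job-related responsibilities.
Using open source to develop applications. Open source packages are vulnerable to attack. Most of the time, hackers poison the Git repository and wait for developers to use the packages, then compromise the application through a well-prepared attack vector.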
Whether it’s a private cloud data center, a public cloud, or SaaS applications, Check Point CloudGuard provides cloud-native, comprehensive cloud security solutions that protect business assets, apps, and data by preventing even the most sophisticated attacks.