Cloud-Based Management Makes the DifferenceAnirban Banerjee
A majority of the front-end services we interact with on a daily basis utilize cloud-based resources. With such popularity, we must not only gain an understanding as to why this is, but also if we are to consider it for our own implementation. In this blog we delve into the ease of use of cloud-based privileges along with how they work at the enterprise level.
Converting previously internal hosting and IT infrastructure to externally hosted resources is no easy task and must be considered from an objective, strategic perspective. A typical advantage we come across is not the capabilities of the services offered but rather the ease of use in implementing cloud based services. Let’s take database implementation for example; though offered in a variety of forms the migration of data between servers is no more difficult than if it were to be done in-house.
Businesses of the 21st Century demand flexible, cost-effective solutions. One of the highlights of cloud-based resources is their unwavering ability to service a business’ varying bandwidth usage. By the flip of a switch, IT administrators may unlock new bandwidth and storage, enabling them to pay as they grow. Beyond the physical unit cost of servers, having those on-site also requires IT to plan ahead. If too much is purchased too soon, the business will be burdened with that cost. If IT fails to plan ahead, to order and coordinate new servers, the business would be left unable to respond to growth.
For smaller, data centric businesses, the ability to match any level of demand with the resources needed to offer customers a painless experience is an invaluable tool. Just as with any other system, the integration of multiple facets to yield a unified system can develop some problems if managed improperly. Infrastructure access management allows businesses to have complete control over their servers regardless of how large their IT team is.
Does this flexibility yield lower security?
In the case of cloud-computing, we find organizations are better able to secure their IT than if handled traditionally. With the ability to handle privileges dynamically, access points may be updated as needed to satisfy safety policies and more. These benefits are not just for small businesses either, large, enterprise size businesses may reap the same rewards all while cutting costs. Administrators have a much greater look into system activity, reducing the likelihood of undetected internal attacks and increasing organizational awareness. In some instances, migrating to cloud-based systems is necessary in order to satisfy management’s requests for security.
Full visibility into a cloud enabled system is crucial for enterprise level security. Administrators may now execute full visibility reports, providing information such as account activity, forensic and compliance reports, usage patterns and more. Detecting anomalies has never been easier, and may now be acted upon in a moment’s notice, if not automatically.
Incident Response Programs
To streamline IR programs, cloud systems offer the ability to create automatic responses to events which commonly define an external or internal attack. These responses must be developed by experienced IT professionals in order to have the greatest effectiveness possible. IR programs can be incredibly expensive to operate at the enterprise level; however, procedural replacements are a great step towards full incident protection. After considering this step, IT may identify an immediate IR headache, the usage of privileges to maintain full operational status while preventing unwanted activity on company systems.
Privileges determine to what extent an individual may view and interact with systems. While limiting privileges reduces their ability to inflict damage, this also impacts their resourcefulness to the organization and ability to get work done. The simplest method for delegating authority is to determine a middle ground between need for access and visibility. The amount of access granted should only extend to what is needed for job completion, should this extend into a wide array of areas a separation of duties or change in job responsibilities should be considered. Small businesses are at risk for major insider threats as their limited IT staff must be able to respond to events, making it difficult to reduce visibility. Current privileged user management enables administrators to regularly update permissions as needed, reducing the likelihood for privilege creeps.
As mentioned in the SANS report on Insider Threats and the Need for Fast and Dedicated Response, “IR matters because it directly controls the damage and impact an incident can have on an organization.” This quote brings up a major point, that the cost of an IR is quickly realized once a business’s experiences an attack of any sort. In the creation of new systems, exposure to new threats should be noted and studied, as the decisions made then will impact how the organization handles exposure in the future. Once that is determined, performing a damage assessment of threats is incredibly important to put to terms the potential risks, and is a great tool to win over decision making executives with little understanding. Matching basic to complex risks with their potential to do damage to entire business functions puts to terms how severe an attack can be.
Beyond the standard monitoring of systems, controlling the flow of information is made easier and while the methodology has yet to undergo heavy change, the increase visibility afforded in new cloud systems can alert staff to upcoming threats. The Software Engineering Institute at Carnegie Mellon University released a case study on the creation of a Computer Security Incident Response Team, stating that “For regulated businesses such as banking and health care, governments are enacting laws that require businesses to provide mechanisms for protecting consumer data and privacy. A functional CSIRT is one component of a comprehensive security plan that will help organizations mitigate the risk of exposure due to a security event, thereby protecting consumer privacy and data.” Adhering to and surpassing consumer data and privacy regulations demonstrates to consumers the organization’s commitment to security. In addition, these steps help in securing clients with the expectation of superior information security.
Unique and growing businesses require different levels of security and accessibility. The context of a strategic planning opportunity will designate whether or not advanced strategies are appropriate, though every organization should develop an IR program of some fashion. The cost of implementing systems security and response to incidents pays dividends in the long run and should never be seen as a wasteful expenditure, and rather an investment into the future.
Cole, E. (2015, April). Insider Threats and the Need for Fast and Directed Response.
Creating a Financial Institution CSIRT. Retrieved from https://www.cert.org/incident-management/publications/case-studies/afi-case-study.cfm
Osborne, T. Building an Incident Response Program To Suit Your Business. Retrieved from https://www.sans.org/reading-room/whitepapers/incident/building-incident-response-program-suit-business-627
What is cloud services? – Definition from WhatIs.com. Retrieved May 04, 2016, from http://searchcloudprovider.techtarget.com/definition/cloud-services