Most cloud vendors provide their customers with security controls, but are they sufficient enough to protect the critical data? Is there a place on the market for third-party information security solutions focused on protecting cloud data and what are their strengths and weaknesses? What features of such systems are in demand these days?
Let us start with the main questions that arise among corporate users of cloud services:
Most experts observe that security tools built into cloud services often provide only a basic level of protection. Developers of specialized security systems can offer a higher degree of security than default services.
In three to five years, built-in cloud security features are going to improve and hopefully will be enough to keep things safe. However, in the era of digital transformation, when the multi-cloud approach evolves (when one company uses services from different vendors, as well as its own cloud environment) the need for a single solution for managing security issues increases.
Customers choose security solutions based on their business needs. For some of them, the basic level of protection provided by the built-in services may be sufficient; for others, more advanced systems from specialized vendors are required.
According to experts, the largest number of security incidents in cloud environments are caused by users and inexperienced admins. The threat landscape creates the need to use additional solutions that allow you to control, for example, the correct configuration of access rights in several environments at once. At the same time, the scope of tasks solved by means of cloud systems is important: the more virtual machines a customer has, the more services he uses, and the more accounts he creates, the more critical becomes the need for additional protection.
Another problem is the fragmentation of built-in security tools that solve various tasks within the framework of a single service. An external system may help to correctly configure all the components of cloud protection tools. Besides, in the event of transferring the infrastructure to another service, it may speed up the configuration process.
Here are two main criteria that dictate the need for additional third-party cloud security tools:
One more question arises: What data do third-party security solutions operate on, and does the cloud provider send enough accurate telemetry to them? If embedded security is getting more data then it goes into the API, then third-party solutions fall into a losing position. Another problem in the provider-vendor relationship is the regular change in API specifications.
The most promising cloud services, from the point of view of developers of additional cloud security products, are those that have a significant market share, understandable documentation, and API with rich functionality. These are primarily Azure, AWS, and Google Cloud. Alibaba Cloud is catchin up with the leaders very quickly. The maturity of the cloud provider is especially important for the security vendor.
Often third-party security vendors depend on the stability and performance of cloud providers. The customer, buying a product or service, pays for the vendor's involvement - his willingness to quickly solve security problems. The developer cannot guarantee that his solution will protect against all possible threats, but he can guarantee that he will deal with all security problems with full responsibility. By transferring business processes to the cloud, the user shares with the provider the responsibility for the security of data and access to it. Depending on the model (IaaS, SaaS, PaaS), the level of customer responsibility may vary.
Here are the main features of cloud security solutions:
There are practically no cloud security solutions on the market for protecting public repositories specializing in storing code (GitHub and others).
The market of solutions aimed at protecting cloud CRM systems is also relatively underdeveloped.
Working with cloud services involves options for occasional use of the infrastructure provided. For example, a customer can only host their systems in the cloud during periods of high load, and in off-season use their own hardware. Are vendors ready to meet these customer needs? Can you buy a license for a day, a month, an hour?
Currently, most cloud-based security products have per-minute billing options, where the user only pays for the actual use of the system.
However, annual contracts for renting infrastructure in the cloud are more popular. Some customers are not yet ready to use the pay-as-you-go model.
The most important point in this matter is the creation of a framework for trusting a cloud provider. For these purposes, an audit of the cloud service by the customer or an external consulting company can be used. Besides, a potential client can use specialized surveys and study the provider's certificates and licenses.
There are also different possible security tools for monitoring the operation of virtual machines and data stored in the cloud. Alibaba Cloud offers Anti-DDoS, Web Application Firewall, Data Encryption Service, Sensitive Data Discovery, and many other security tools.
However, no matter how well the customer wants to protect himself from the provider's interference, there is always that line beyond which it is necessary to trust your provider. So, it is necessary to learn to trust a cloud provider, and the provider, for its part, needs to develop a sufficient level of authority to earn this trust.
The cloud migration is progressing at an ever-faster pace. Information security issues are becoming paramount for business and government customers who decide to host some of their resources in the cloud. Today, I tried to outline the range of main problems related to third-party cybersecurity tools intended to protect the cloud, figure out what functions of such systems are most popular, and what awaits the market in the future.
David Balaban is a computer security researcher with over 17 years of experience in malware analysis and antivirus software evaluation. David runs MacSecurity.net and Privacy-PC.com projects that present expert opinions on contemporary information security matters, including social engineering, malware, penetration testing, threat intelligence, online privacy, and white hat hacking. David has a strong malware troubleshooting background, with a recent focus on ransomware countermeasures.
Balaban - March 17, 2021
Alibaba Clouder - July 12, 2019
Alibaba Clouder - July 22, 2020
AlenaS - June 9, 2021
Alibaba Clouder - February 14, 2020
Alibaba Clouder - April 1, 2021
Alibaba Cloud is committed to safeguarding the cloud security for every business.Learn More
An industry-standard hardware security module (HSMs) deployed on Alibaba Cloud.Learn More
This solution helps you easily build a robust data security framework to safeguard your data assets throughout the data security lifecycle with ensured confidentiality, integrity, and availability of your data.Learn More
Simple, secure, and intelligent services.Learn More