What Do You Mean My Cloud Data Isn't Secure?




Kaseya White Paper
What Do You Mean My Cloud Data Isn't Secure?
Understanding Your Level of Data Protection
www.kaseya.com

As today's businesses transition more critical applications to the cloud, there is an implicit perception and expectation that critical information is more secure in the cloud than it is on private systems. This shift in data management strategy has implications for IT managed service providers and their end user customers. The real state of data protection is actually quite different for the two environments and depends upon a number of factors, some of which are discussed here.

Network Perimeter Disappearing

Traditional business security includes a network perimeter that houses and protects the machines within its boundaries. Firewalls, Unified Threat Management, SIEM, and Vulnerability Scanners are just a few of the types of tools that are deployed inside the secure corporate network. These tools discover vulnerabilities, remediate them, and improve the overall security of the internal systems as well as protect those systems from new external vulnerabilities. As critical applications move from private network servers to the cloud, employees access those applications from machines both inside and outside of that protected network. Any company information accessed from a compromised system is compromised information, whether that information resides in the cloud or on private network servers.

The Endpoint is the Target

Today's hackers and cybercriminals realize that the network perimeter is better secured than the wide attack surface available on each endpoint. In fact, the endpoint or end user has become the main attack point of the majority of threats seen in the wild today. While the network perimeter remains important, according to Kaspersky (2012), cybercriminals have learned to circumvent it completely by attacking the endpoint while it is not within the safety of the corporate network. This kind of attack has become a very profitable, $100B market for a new era of cybercriminals (Kaspersky, 2012).

A compromised endpoint is a compromised cloud

Once an endpoint computer is compromised, cybercriminals can install key loggers, track or hijack traffic, spoof critical sites, and capture critical data even if that data is stored in the cloud. A few real-world examples of this are:

- A user installs a seemingly harmless application. It contains a Trojan horse application and drops a key logger onto the machine. The end user, unaware that all their keystrokes are captured, now enters the user name and password of their financial service cloud application. The key logger uploads that information to the cybercriminal's servers.
- A user receives a Microsoft Excel file and opens it. During the opening of the email, a virus that was embedded in the Office document is installed on the computer and uploads information about the tokenized authentication of that user. That token information is uploaded to the cybercriminal's servers, where they are able to access the cloud system specific to that employee.
- A user with a compromised system has a malicious browser plug-in. When the user logs into their key CRM application via their browser, the plug-in captures the response data and uploads the company's customer information to the cybercriminal's servers.

The types of threats are seemingly endless (Kaspersky, 2012), and Macs and Linux machines are no longer free from attack.

Managed Antivirus

The starting point of security is still a solid antivirus service. As employees access cloud data from inside and outside the company network, the need for antivirus is actually higher than for internal-only systems, because those machines are out in the wild. To make matters more complicated, the push for BYOD brings the additional challenge of ensuring that those machines have antivirus installed and kept up to date even when they are not on the corporate network. The days of simplistic antivirus management, where all machines are on the local corporate network, are gone. Centrally managed antivirus MUST be able to manage machines both on and off the corporate network, and it STILL represents a significant business opportunity for the IT managed service provider. According to results of a recent survey (Kaseya, 2012) of thousands of managed service providers worldwide, only 35% currently provide a managed security service offering (i.e., more than just antivirus) and only 20% said they plan to offer such a service.

Antivirus is not a commodity

Not all antivirus engines are created equal. Independent comparison organizations have proven that some antivirus engines just don't protect well enough against today's threats. To make matters worse, the environments protected by these sub-standard antivirus engines are often left in a state of false security: the green lights of the antivirus program show that everything is well while the systems are being ravaged by rootkits, trojans, and other malware.

Security is more than Antivirus

Security basics begin with solid antivirus. Security must also include having the proper patch level on the operating system and on applications such as Java, Adobe, and internet browsers. While antivirus is constantly looking for threats, many kinds of malware hunt for vulnerabilities exposed in these key systems and applications. Statistics show that most compromises happen on unpatched systems, meaning that a patch was available for the machine but had not yet been applied. Often, exploit authors keep track of recently released patches, evaluating each new patch and its associated vulnerability. They are then able to author a threat based upon that vulnerability and include a scanning mechanism to find that particular hole. The time taken to install patches is therefore quite important: closing the gap between when a patch is released and when it is installed and deployed limits the exposure to this kind of malware.

"As long as my users don't download anything, they will be fine." -- Anonymous CIO

The long-standing myth is that if users do not download anything or click to run applications, the risk of infection is eliminated. This is simply not the case, according to Kaspersky (2012), and in fact the biggest issue facing security management professionals is still the wide variety of usage patterns among IT end users.

A few threats don't require the user to do anything out of the ordinary. Some examples are:

- An exploit on DRM of media files (i.e. Windows Media Player) allows a Trojan to be installed without the end user's knowledge that anything has happened.
- A website has an image with embedded malware targeting unpatched internet browsers. When an unsuspecting user's unpatched browser renders the image to the screen, the exploit is able to upload the virus and compromise the system.
- A worm performs a network scan looking for unpatched operating systems on its local network. Upon finding such a system, it uploads its payload to the machine, thereby replicating itself without any machine credentials on the targeted system.

The list goes on and on.

Layered Security

Since most endpoints have a broader attack surface, they need multiple types of security working in conjunction with each other. This is the same idea as having not only a lock on the front door of a house, but locks on inside doors as well and potentially a safe holding the most valuable items of the household. In computer terms, the more kinds of scanning and layers of security, the better. The tradeoff for more layers of security is system performance. The job of the IT Professional is to balance the performance requirements of the end users against the security needs of the organization. Many layered security systems will include a number of the following items working together:

- Operating System patching
- 3rd Party Application patching
- Antivirus
- Separate Anti-Malware
- Drive encryption
- Data Loss Prevention
- Digital Rights Management
- Two Form Authentication

Monitoring and Remediation

Resolving problems is even more difficult for the IT Professional. They are now required to support and fix machines wherever they are physically located, both inside and outside the corporate network. The faster a compromised system can be corrected, the less chance there is that business-sensitive information, including cloud-based information, can be hijacked by cybercriminals. In many cases, end users simply do not realize that their system has been compromised. Waiting for end users to notify the IT organization is not considered best practice. IT Professionals must monitor the scanning solutions that have been deployed. Once a threat is discovered, IT Professionals typically await the return of the affected machine to the corporate network in order to remediate it. This creates two problems:

1. The amount of time that has passed is often enough to compromise a significant amount of information.
2. The user has now brought an infected machine INSIDE the corporate network, potentially exposing more machines to infection.

IT Professionals need the tools to remotely remediate issues as they arise and wherever they arise. Preferably the remediation is automated and deployable without end user interaction.
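The patch gap and the off-network monitoring problem described above can be checked together from agent check-in data. The following is an added example, not part of the Kaseya paper or any Kaseya product; the record fields, host names, dates and thresholds are all assumptions made up for illustration.

```python
from datetime import datetime, timedelta

# Hypothetical policy thresholds (assumptions, not from the white paper).
MAX_CHECKIN_AGE = timedelta(hours=24)     # agent should phone home daily
MAX_AV_DEF_AGE = timedelta(days=3)        # antivirus definitions freshness
MAX_PATCH_EXPOSURE = timedelta(days=14)   # allowed release-to-install gap

# Constructed sample of agent check-in records; every value is made up.
ENDPOINTS = [
    {"host": "lt-sales-01", "on_corp_network": False,
     "last_checkin": "2012-06-10T08:00", "av_defs": "2012-06-09",
     "missing_patches": [("browser", "2012-05-01"), ("os", "2012-06-05")]},
    {"host": "ws-acct-07", "on_corp_network": True,
     "last_checkin": "2012-06-10T09:30", "av_defs": "2012-06-10",
     "missing_patches": []},
    {"host": "byod-mac-03", "on_corp_network": False,
     "last_checkin": "2012-06-02T17:00", "av_defs": "2012-05-20",
     "missing_patches": [("java", "2012-06-01")]},
]

def _ts(text):
    """Parse an ISO date or date-time string from a record."""
    return datetime.fromisoformat(text)

def assess(endpoint, now):
    """Return the list of findings for one endpoint at time `now`."""
    findings = []
    # A silent agent means the machine is effectively unmanaged.
    if now - _ts(endpoint["last_checkin"]) > MAX_CHECKIN_AGE:
        findings.append("agent-silent")
    # A green antivirus icon says nothing if the definitions are old.
    if now - _ts(endpoint["av_defs"]) > MAX_AV_DEF_AGE:
        findings.append("av-defs-stale")
    # Exposure window: time since a still-missing patch was released.
    for product, released in endpoint["missing_patches"]:
        exposure = now - _ts(released)
        if exposure > MAX_PATCH_EXPOSURE:
            findings.append(f"patch-gap:{product}:{exposure.days}d")
    return findings

def remediation_queue(endpoints, now):
    """Hosts needing action, most findings first; being off the
    corporate network never exempts a host from the checks."""
    rows = [(e["host"], e["on_corp_network"], assess(e, now)) for e in endpoints]
    rows = [r for r in rows if r[2]]
    return sorted(rows, key=lambda r: len(r[2]), reverse=True)

if __name__ == "__main__":
    now = datetime(2012, 6, 10, 12, 0)  # fixed clock for the sample data
    for host, on_net, findings in remediation_queue(ENDPOINTS, now):
        where = "on-network" if on_net else "off-network"
        print(f"{host} ({where}): {', '.join(findings)}")
```

Both flagged hosts in the sample are off the corporate network, which is the case the paper argues cannot wait until the machine returns to the office.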

The Value of Systems Management Tools

If cybercriminals and hackers are using more sophisticated tools than your IT organization is using to manage your environment, they will likely succeed in compromising your organization. Today's IT Professionals must deploy top quality tools to maintain and monitor all aspects of their environment. Key things to look for in systems management solutions:

1. A solution that deploys a software agent to machines under management. That agent is able to phone home regardless of its physical location. This means that the machine is ALWAYS under management regardless of its physical location. Policies are ALWAYS applied and kept up to date.
2. A system that is easily accessible from any location to centrally perform systems management tasks.
3. A solution that has a wide breadth of solutions all in a single console. Some key modules to look for in the solution are:
   a. Antivirus
   b. Patching
   c. AntiMalware
   d. 3rd Party Patching
   e. Software Deployment and Operating System Deployment
   f. Backup and Data Recovery
4. A solution that has a partner network of security providers. Some providers could be:
   a. Two Form Authentications. This provides a higher level of security for all on-site and cloud solutions in a single authentication solution.
   b. Drive Encryption. This enables encrypted drives and subfolders on the drive for the more sensitive information.
   c. Cloud based email scanning
5. A solution that provides a custom scripting engine for remediation or generic security solutions. When a particular security solution is not offered by a vendor or by one of its partners, a custom scripting engine allows you to build in whatever solution you need. In addition to building and deploying a security application via the systems management solution, the custom scripting is used for remediation of problems across a number of machines without having to touch individual systems.
6. A solution with integrated monitoring. Being able to watch each system regardless of its physical location is the key to knowing and reporting on compliance, security, and the overall security health of the environments.
7. A solution that includes a location independent remote control. In the event that the system needs an IT Professional to resolve issues manually, this can be done remotely without having to await the return of the machine to the physical location of the technician.

An example of this type of integrated solution, provided by Kaseya, is presented on the following page.

Summary

The most progressive IT managed services providers embrace a managed security service philosophy that protects client machines and networks using a solution-oriented approach. These solutions discover vulnerabilities, remediate them, and improve the overall security of the internal systems as well as protect those systems from new external vulnerabilities. As critical applications move from private network servers to the cloud, they've used more comprehensive security solutions to help their clients build and manage more secure environments and ensured that end user employees still gain access to secure data from business line applications wherever it resides.

Visit www.kaseya.com/mspdemo to learn how Kaseya can help you manage the security of your information.

About Kaseya

Kaseya is the leading global provider of IT Systems Management software. Kaseya solutions empower virtually everyone, from individual consumers to large corporations and IT service providers, to proactively monitor, manage and control IT assets remotely, easily and efficiently from one integrated Web-based platform.

© 2012 Kaseya. All rights reserved. Kaseya and the Kaseya logo are among the trademarks or registered trademarks owned by or licensed to Kaseya International Limited. All other marks are the property of their respective owners.