The Risks and Benefits of The Cloud
- Reduced operational costs for hosting databases, virtual machines, and licensing software
- Labor savings as cloud engineers assume the duties of monitoring environment servers, and handle patches and upgrades
- Automatic application of fixes for security vulnerabilities and software bugs
- Access to the latest productivity and security offerings from supported third-party vendors
- Simplified technical support, resulting in less employee downtime
- Straightforward processes for creating new tenants for testing or other purposes
These advantages have made cloud adoption popular among businesses for several years, a trend that does not appear to be slowing down soon. In fact, recent business disruptions caused by the COVID-19 pandemic have significantly increased reliance on the cloud [2]. However, many organizations moving to or operating in the cloud are unaware of the threat landscape, and unintentionally put themselves at risk.
Simple misconfiguration of cloud resources is the number one cause of cloud-based data breaches [3]. With the average cost of a data breach reaching $3.2 million USD [4] in 2020, misconfigurations are a mistake few companies can afford. The sheer processing power of the cloud also makes cloud-based businesses highly attractive to cryptojackers. Cloud-based services are at risk for targeting and disruption by DDoS attacks [5]. Cyber criminals may use phishing or other techniques to hijack accounts and gain access to cloud servers without being noticed [6]. Insider threats, estimated to be responsible for up to half of data breaches, also pose serious security concerns for businesses using the cloud [7].
Losing full control of the IT department is also a serious concern for many CIOs [8]. Not all businesses are prepared to entrust management of their data environments to shadow IT. Other critics voice concerns over concentrating too much power in cloud computing and worry that it diminishes user autonomy [9].
Cloud Security, a Shared Responsibility
The cloud security model is different from the traditional model used to train many security professionals. Data centers typically use a hierarchical security model (defense in depth), while the cloud splits responsibility for providing and configuring cybersecurity assets. For example, the cloud provider will include features like encryption, network access control, and user access management as part of their service. Organizations using the cloud are responsible for securing their applications and devices and for performing threat monitoring.
Two challenging differences between traditional data center and cloud security:
- Every application instance on the cloud can communicate with the Internet. This means each instance has to be individually secured.
- Visibility into the underlying cloud hardware, software, and network is limited. This makes it difficult to anticipate or discover vulnerabilities and exploits that target specific cloud components.
Finding cloud-trained security analysts can be difficult, but advancements in AI and automation can significantly lighten the load for smaller IT teams. While monitoring multiple application instances, network traffic, and access issues is a time-consuming task for humans, AI can perform it quickly and efficiently. In fact, AI plays a pivotal role in transitioning from a traditional defense in depth (DiD) security structure to a Zero Trust [10] model.
A Zero Trust security model operates on the assumption that every interaction is unsafe until an entity establishes itself as trustworthy. Trust can be built through a series of sustained engagements, presentation of credentials, biometrics, locational information, and other factors. Many organizations exhaust their resources implementing new layers of security to address threats arising from mobile computing, the IoT, and cloud adoption. This is the DiD approach, racing to address an expanding attack surface by installing and maintaining countless new security layers. Zero Trust solves cybersecurity problems by ensuring only trusted entities, interacting in approved ways, have access to business resources.
BlackBerry in the AWS Cloud
The BlackBerry Spark® Suites implement a wide range of services, monitoring, and advanced threat detection and threat prevention critical for securing the cloud. BlackBerry Spark® Unified Endpoint Management (UEM) Suite [11] offers an impressive suite of security tools that are managed through a single interface. Specifically, the BlackBerry Spark UEM Suite:
- Allows organizations to secure and manage devices, applications, data, and policies
- Uses a trusted end-to-end security model requiring zero inbound connections
- Provides an integrated view of policies, users, devices, and apps, including those using iOS®, Android®, Windows®, and Chrome OS™
- Offers BlackBerry® Network Operations Center (NOC), a trained team of engineers that monitor traffic patterns and often resolve issues before users encounter them
BlackBerry Spark® Unified Endpoint Security Suite [12] uses advanced AI and low-profile continuous authentication to prevent threats before they wreak havoc in the environment. Components of BlackBerry Spark Unified Endpoint Security Suite include:
- Automated endpoint protection combined with application and script control, memory protection, and device policy enforcement
- Automated threat investigation and response with playbook-based workflows
- Mobile device protection that includes AI-monitoring of apps for any new or known threats (including malicious URLs and phishing)
- Continuous authentication of user behavior (combining biometric, app usage, network, and process invocation patterns across devices) to maintain trust and dynamically grant access to corporate data
These security features and tools can help an organization migrate to a Zero Trust model. For example, BlackBerry® Protect uses AI-driven security agents trained to identify dangerous characteristics on millions of safe and malicious files. This allows BlackBerry Protect to detect known malware and variants as well as unknown, or zero-day malware. In other words, no file is trusted until vetted and verified as safe by BlackBerry’s AI. When a suspicious file is detected, it is stopped pre-execution and, unless permitted by the security team, will never run or become active.
Likewise, BlackBerry® Persona continuously authenticates users accessing corporate data based on their behavior, location, known work patterns, network profile, and device/app DNA. This is not a one-time or multifactor authentication, but a continuous process whose results are reflected in a user’s current risk score. As changing factors affect the risk score, the security AI models adapt and apply dynamic policy controls in near real time.
Smart Technology for a Safer Cloud
Moving to the cloud offers organizations many benefits, but also entails exposure to new risks. BlackBerry® solutions harness the power of AI and use continuous authentication to mitigate those risks without hindering productivity or requiring additional staff. Many cloud-based threats can be prevented by ensuring your organization is continuously monitored for threats and limiting interactions to trusted entities.