There has been a significant increase in threat perception related to cloud ecosystem with extensive growth in number of users, generation of significantly higher data volumes, and emergence of new technologies that are capable of delivering information across disparate global networks.
Evolving trends within data center and cloud platforms
It is estimated that hyperscale data centers will command the data traffic thus accounting for a lion’s share of 52 percent of the data by 2020 among all data centers. According to a recent report by Cisco Cloud Index, the traffic within hyperscale data centers is set to multiply by five times by 2020.
One of the most sought after cloud server hosting service models, ‘Software as a Service’ will contribute to processing of 92 percent workloads. SaaS will be accountable for 74 percent workloads associated with cloud. Majority of organizations will access data center services for processing workloads and will account for 72 percent of total data center workloads.
The overall impact of big data and Internet of Things will shape digital lives of individuals and the way critical applications are accessed. Thanks to IoT, the data created will be double than the amount stored.
Abundance of opportunities for cyber criminals
Unfortunately, no technology can be restricted to be used only for supporting good cause. Advances in technologies are available for everyone to exploit and cyber criminals are already leveraging the technology revolution in the field of cloud computing.
Cyber attackers are exploiting new targets that are products of vulnerabilities associated with big data, IoT, cloud adoption, exponential data generation, and hyperscale data centers. Security threats get pronounced due to implementation of high end cloud technologies in data centers that are ageing and about to become obsolete.
Current state of cyber attacks
It is a great matter of concern that events of cyber attacks are not only growing in frequency but also in terms of sophistication. Data center service providers have to deal with proliferation of advanced cyber attacks while implementing modern IT solutions.
The most common threat continues to be from DDoS attacks because of ease of internet access and extensive availability of free tools. DDoS can be precipitated by anyone with a grievance and the simplicity and ease of launching DDoS attack has lead to the increase in size, complexity, and frequency of the same in past years.
According to a research, 12400 events have been recorded on a weekly basis for the past one and half year and attacks that exceed size of 579 Gbps accounted for 73 percent rise over last year 2015. The most frequent targets of attacks over 10 Gbps have been UK, US, and France.
By using a specially developed software called Mirai to attack IoT devices that are not adequately secured, the single largest ever recorded DDoS attack was implemented in October 2016 on seventeen sites. The attack cause extensive damage that was marked by outages and performance hits. In terms of the extent, the attack covered one million malicious endpoints and the strength of the attack is estimated to be a mammoth 1.2 Tbps.
Different dimension of cloud
Cloud computing is undoubtedly improving business processes by offering amazing flexibility and accessibility that was hitherto unimaginable. However another dimension of cloud involves threat, risks, and dangers of malicious attacks that are being faced by application layers. The threats are not only affecting cloud environment, but are also seriously impacting data center capabilities and the overall infrastructure.
Vital considerations wile adopting cloud solutions
Cloud administrators need to be aware of vulnerabilities, risks, and threats involved in adoption of new technologies in legacy architectures. Following security considerations will facilitate administrators to close the loopholes and deal with cyber threats with better awareness.
Securing mission critical data- One must focus on protecting the data from possibility of theft or leakage due to massive volumes of data being handled by data centers. Traditional cloud architectures are devoid of transparency in terms all layers in cloud stack and data center. This underlines need to attach extraordinary importance to security of intellectual property. This is more applicable to educational IT environments, healthcare, financial organizations, and government entities. Protection of user credentials and other sensitive data must be accorded the highest priority.
Blocking cloud disruption- Cloud environment is challenged by new applications, DDoS and IoT attacks, and workload layer to name just a few. In order to achieve a real victory over DDoS attacks needs logical and physical correlation at data center level as well as acknowledgment of device or user and exploits or planned attacks. There is need to have granular level control in terms of routing and application paths even if we are able to have visibility to some extent as far as some workloads and hardware stack is concerned. Security needs to be ensured from a holistic perspective since cyber criminals have been able to exploit security gaps within data center and cloud infrastructures.
Protect and educate users of digital services- Modern user of cloud can be considered as digital users and they are very much the part of cloud as you are. Understand that the normal is going to be challenged by new normal in the cloud age. Hence accessing cloud via non-traditional ways is a new normal. Security solutions involving End Point Protection need to be put in place for protecting your digital users. This needs to be backed up with endpoint detection and endpoint response for enhanced security measures. Securing data during its transfer from cloud to cloud is also essential for safe passage of data between hybrid ecosystems and on site data storage facilities.
It should be understood that the path to cloud may be bumpy, but it is worth treading on. You need to ensure proper planning, execution, and validation while following a simple lifecycle of cloud ecosystem.
Need evaluation process should be always applied by selecting the right type of cloud model since testing process can be easily carried out in cloud environment. Organizations need to be resilient and flexible while adopting cloud. It is essential to trust your cloud provider for steering you in the right direction.
Security and visibility is going to assume greater relevance in time to come and therefore you must be able to acquire right tools for securing your workloads by enabling enhanced visibility to keep your business perpetually aligned.