Engage Knowledge Base Web View    Case Study
Title Cyber Security and My Cloud Applications: Am I safe?
Resolution
 
Cyber Security and My Cloud Applications: Am I safe?
 
This Cyber Security White Paper addresses a common concern for clients that keep all or most of their applications in the cloud (see Data-Tech's Cloud Security Strategy Statement at the end of this paper).
 
It's a common misconception to think that, because you've migrated your applications and/or entire business to the cloud, you no longer have to worry about cyber security on your company's local network.  So the answer to the question "Am I Safe?" is probably not.  
 
Most businesses that migrate their operations-or at least primary applications-to the cloud, mistakenly believe that it's no longer necessary to provide IT security technology to their local network and computers.  Unfortunately, cyber criminals are counting on this, and if you fall into this category, you're one of their favorite targets!
 
Why? There's a litany of reasons. This white paper will outline the top 5 security concerns and risks for clients who have migrated to a cloud platform of some kind.
 
    1. First, you must realize that even though your applications are in the cloud.you still access them from your local network and computers.  If your local network is compromised, then you may not be able to access your cloud applications. At the very least, performance is sacrificed.
 
2. Your cloud application aside, what do you use your local network computers for?  Most clients still use the local network to access websites like credit card portals and bank portals.  These apply mostly for the business, but unless you have strict security policies in place, you can be sure there's more going on than that.  Every time a network accesses an unsecure Internet connection, it runs the risk of becoming infected. Realizing that many of today's viruses and malware SEEM benign because they are programmed to watch and gather data, you may never even know that you've been infected.  
 
3. If your network is not "Cyber Secure," you WILL get infected.  So how safe is your cloud data?  Not safe at all!  Again, Why?  
 
Consider this:  One of the most malicious "Spyware" infections is so small, it's something you will never actually see. It's so simple that most Anti-Virus, Spyware and Malware programs completely miss it.  It's called a "Key Logger."  A "Key Logger" does just what its name implies.  It logs your key strokes.  Big deal right?  Yes, yes it is.  
 
 
 
 
 
 Scenario: You're a medical company or staffing firm of some kind. You log in to a cloud application that contains your clients' data:  Names, phone numbers, addresses.Social Security numbers.  You think the data is safe because it's stored in the cloud.  But consider how you got to your application.  
 
        1. You opened your web browser (Key Logged)
        2. You typed in the URL of your cloud application (Key Logged)
        3. You typed in your username (Key Logged)
        4. You typed in your Password (KEY LOGGED)
 
Did I mention the other function of a Key Logger is to send a transcript of the Key Logging to the bad guys? So now the bad guys have the URL of the cloud application, your user name and password. Well at least you're not a system administrator.. or are you?  You can use your imagination if the Key Logger sends information about your bank or credit card online portal.
 
4. Not all cloud applications are created equal.  Some are secure and do not allow file uploads, so this risk may be mitigated. However, most systems either allow file uploads or emails to be received. If your cloud application is a remote desktop, then this risk is something you should make note of.  Remote desktop computing is the most widely used "cloud application" deployed today.  You may not even know that your cloud application is a remote desktop session. The IT term for this is "Cloud Enabling" applications (but that's for another White Paper).
 
Suffice it to say remote desktop computing is incredibly "high risk" on a compromised local network.  Again.Why?
 
Let's explore this risk. First, let's establish that your cloud host has a super secure network provided by SonicWALL Security Systems (like Data-Tech Cloud Services does). If that's the case, how can my local network affect the hosted network?  "The devil's in the details," as they say.  Your connection to the cloud host network is actually very secure and encrypted. This protects your connection and the data that you transfer back and forth.
 
This encrypted connection, however, is also the conduit needed by nasty programs like Crypto-Locker.  Imagine, if you will, that you're logged into the cloud host desktop.  All that you need to do is copy an infected file from your local network through your secure encrypted connection to the cloud server and.. well you've heard of the "Pink Slip Virus" right?  Ok, let's say that you're super careful about copying files; so you email instead. Wait.your email program is actually on your remote cloud desktop. No problem, you can just use your Gmail account, right?
 
Sorry, same result: You've just emailed yourself the infected file.  
 
 
 
5. Risk number 5 is the hidden risk that is part of the evolution of industry. What did you say?  Sorry, that was purposely cryptic to keep your attention.  So the hidden risk is.. mobile devices.  Yes, your mobile devices-including but not limited to notebook computers, tablets, smartphones and the most dreaded of all, FREE Wi-Fi!!!  Free Wi-Fi is a nightmare for any IT manager with even a hint of IT security concern.  The depth of Free Wi-Fi risk is too lengthy to discuss here, so we'll just focus on the devices for the purpose of this discussion.  
Suffice it to say, if you don't have iron-clad mobile device security, DON'T connect to your corporate network over Free Wi-Fi.  Just don't do it.  
 
Moving on, risks 1 - 4 are all valid (and magnified) on mobile devices.  Often forgotten and overlooked in the IT security protection strategy, mobile devices have become primary targets. Again, any detail on this topic will require a separate and dedicated article.  Just know that if you allow your employees to access corporate information like email, contacts, web portals and more, then you are putting your organization at risk if you don't deploy the proper IT security strategy for mobile devices.
 
These are 5 common scenarios you have probably experienced yourself, or most certainly have witnessed through co-workers. As you can see, the security of your local network, computers and mobile devices is very important.  Data-Tech recommends an End to End IT Security Strategy with SonicWALL's Security Portfolio.
 
Again with the "Whys".Why is SonicWALL's security technology so effective? It's important to understand-more than that, it's imperative to understand-it's not just SonicWALL's technology that's so effective in the fight against cyber threats. The protection strategy and proper implementation of SonicWALL Security is equally important.  
 
A network is not secure unless it's continually secured. Ok, I might have just made that up but it's accurate.  I'll explain:  A common theme in IT security is to simply apply cyber security at the access points. Unfortunately, too many IT companies see this solely as the place where your Internet connection meets your network router. If your IT security people are paying attention, they know that "access points" are located anywhere something can access your network. This obviously includes all your workstations and network devices. (Have you heard of IoT?  Look for a future white paper on the subject). We will exclude "IoT" for now.  
 
So your IT company knows that "access points" need to be secured to deploy an Anti-Virus.  (Silent Pause) No, that's not good enough. Here's the point:  Securing "access points"-even if you get them all-is NOT enough.  That is not a "continually secured" network. A proper IT security deployment strategy continually scans ALL network traffic, not just network traffic to and from the Internet or even branch locations.  
 
Data-Tech's SonicWALL IT Security Deployment Strategy is to have ALL network traffic go through the SonicWALL Security Appliance to be continually scanned for intrusive and harmful infections.
 
"Wait a second. Chris, you're telling me that having a state of the art firewall and Anti-Virus endpoint security deployed on every device, along with strict IT security policies, is not enough?  
 
Yes, that is what I am telling you!
 
Scenario: Your employees all have notebook computers and mobile devices of some kind (most do these days; yet another White Paper on the Dangers of BYOD - Bring your own device to work). Let's say they jump on the FREE Wi-Fi at Starbucks.  A mysterious webpage pops up and says "In order to use this FREE Wi-Fi by Starbucks, you must accept this security policy. Click Yes to continue."  BAM.Infected.
 
However, the user has no idea at this point that a bomb has just been planted on their notebook computer.  No worries, they are simply browsing the Internet. You have a strict IT security policy in effect where remote users cannot access your corporate network via FREE Wi-Fi.  Good for you-but not good enough!  Sorry if that sounds harsh, but this is serious stuff.   
 
Ok, back on point and let's speed this up. You think your `No FREE Wi-Fi' policy will protect you from the BOMB that this user just allowed to be planted on their mobile device. Let me ask you: What happens when that employee gets back to the office and connects that very same notebook computer to your corporate network, via network cable or your local "secured" wireless network? Nothing. That's what happens. Because you have contracted Data-Tech to deploy a SonicWALL Security Appliance, every data packet on that network is continually scanned. That notebook computer is locked down and secured from the network and the IT security officer-along with Data-Tech-is notified of a compromised network device and intrusion attempt.
 
Your network is safe and you are a hero. Data-Tech gives you all the credit for saving the day which you rightly deserve for contacting us in the first place.
 
I know what you're thinking now: "This sounds expensive."  Well it absolutely doesn't have to be.
 
Data-Tech offers exclusive cost-effective Enterprise-Level Security Services to protect your local network, computers and mobile devices. These are completely managed services, with NO hardware to purchase and low monthly fees which will secure not only your local network, but all of your remote devices as well. Combined with Data-Tech's Cloud Security, your entire enterprise will be protected from End to End.  Click Here to Read More about Data-Tech's Managed IT Services.  and call us for a free IT security review.
 
What about Data-Tech's cloud security?  
 
There are 3 primary strategies in place in Data-Tech's overall IT Security Protection Plan.  While there are many sub-layers of a complex security matrix, I will outline the 3 primary strategic focal points here.
 
 
Data-Tech's SonicWALL Certified Security Engineers work closely with the top security experts at SonicWALL to not only provide high secure networks for our clients, but to ensure our Cloud Center utilizes the latest technology and cyber security strategy available.
 
 Here is our top layer of security strategy:
Prevention
The best IT security strategy is to prevent anything from happening.  Data-Tech deploys the highest level of IT security with SonicWALL Enterprise Security Appliances, featuring exclusive DPI / SSL technology. The perimeter SonicWALL appliances provide intrusion prevention, Gateway Anti-Virus and Secure Socket Layer decryption, so every data-packet is thoroughly scanned before it ever gets inside the network.  Click Here to Read More..
 
Equally in-depth email scanning technology with Barracuda's Enterprise Spam and Virus Protection Cloud Services ensures all email and attachments are scanned before they get to our MS Exchange cluster farm, where all data is scanned again for an extra layer of security.  Once the data is passed through the Firewalls and Email Security, they are again scanned by Symantec Virus Network Layer Protection on every device in the data-center.
 
Pro-Active
Data-Tech's Versa Security technology -built on the highest IT standards with SonicWALL and Kaseya's managed IT platform, combined with the CyberCATs' Predictive Scanners-provides un-paralleled pro-active protection. Meet Versa-Prime, who's responsible for managing the team of automation programs called Versa-Bots as well as real-time network continual packet scanning.  Click Here to Read More...
 
Reactive
   In the rare event that Data-Techs Perimeter Prevention and Pro-Active Scanners do not stop an infection, Data-Tech's automated system protection and recovery procedures take over, featuring our exclusive Versa-Bots technology and self-healing systems designed to protect and recover in real-time.
    
 
 
Vendor *
Web Link
Date Entered 4/3/2019
You Tube Link
Type Of Article Case Study
Article ID 596

  Copyright    Lietz Development, Inc. 1996. All Rights Reserved.