The Silver Lining In Your Cloud TM

Preventing Data Security Threats from Internal Attacks

In a recent article, we discussed the importance of perimeter firewalls to the security of your data on the cloud.

A strong firewall at the edge of your cloud environment can repel intrusion attempts from the outside with ease.

However, preventing data security threats doesn’t mean just the outside of your organization; in fact, inside can be far more dangerous.

Internal Attacks Are a Major Data Security Threat

One of the biggest threats to your company’s IT security is disgruntled employees. In fact, ranks disgruntled employees as “Risk No. 1” on their list of biggest security risks.

In their article, quotes the CTO of Green House Data, Cortney Thompson, as saying that “rogue employees, especially members of the IT team with knowledge of and access to networks, data centers and admin accounts, can cause serious damage.”

Meanwhile, careless or uninformed employees rank a close second on the list. As SafeLogic’s CEO, Ray Potter, notes in the CIO article, “A careless worker who forgets [his] unlocked iPhone in a taxi is as dangerous as a disgruntled user who maliciously leaks information to a competitor.”

By being careless with user account information or access-enabled devices, employees can give hackers a way to circumvent perimeter defenses and start an attack from within.

Whether caused by malicious employees or careless ones, internal attacks are a serious threat to data security.

Keeping Individual Tenants on a Cloud Secure

When a hacker manages to successfully acquire legitimate login credentials to bypass the perimeter firewall, it’s vital to have strong interior protections in place to make sure that all of the tenants on the cloud behind that perimeter are protected from attack.

This is why per-tenant firewalls are invaluable for a truly secure cloud solution. With per-tenant level firewalls, your cloud environment on a multitenant cloud architecture is isolated from the other tenants on the cloud.

However, not just any per-tenant firewall will do. The internal firewall for a given cloud solution needs to be just as powerful as the one at the perimeter if it’s going to stop an internal attack.

To provide per-tenant firewall protection, WHOA partners with Alert Logic. Alert Logic’s Managed Web Security Service employs 24×7 management of their firewall solution to ensure that the firewall is fine-tuned to provide effective protection against attack while minimizing complexity for the end user.

If this firewall is paired with Alert Logic’s Log Manager solution to track the source of intrusion attempts and provide a log of data access activity, which is a must-have for many different compliance standards.

By using per-tenant firewalls on the cloud in addition to the perimeter firewall, WHOA puts more security between your data and the thieves who would abuse it.

In the modern world, the use of multiple layers of security is a must if a cloud solution is going to be truly secure from attack.

As online threats grow more sophisticated, the need for clouds to be built from the ground up with security integration will continue to grow as well.