Exponential increases in the amount of data that modern businesses use to operate effectively mean that the value of that data is also rising at a staggering rate. The value of this data to businesses makes it a major threat, and over the past couple of years, we’ve seen many high-profile cases of criminal activity targeting this data.
The biggest story in information security this year was the WannaCry exploit which encrypted user data and held it to ransom. While this exploit was countered relatively quickly, it has been followed by several other similar attacks.
Quite rightly, data security is now very much on the agenda in board meetings around the world, the threat to a business’ operations from data being stolen or made inaccessible is being taken seriously, and CTOs are demanding full audits of their current security procedures to ensure that data is safe.
Is the Cloud Secure?
In common with many viruses and other InfoSec threats, WannaCry exploited a vulnerability in older versions of Windows. This particular vulnerability had been patched in modern Windows versions, but was accessible in legacy OS versions used in many organisations – particularly the NHS.
The bigger issue was that the data that was encrypted was held locally (or on a network connected server). This meant that if a specific machine became compromised, the data on it would become encrypted and inaccessible.
Unless the ransom was paid, the data would remain encrypted and eventually deleted with no hope of recovery.
While the same could happen on cloud hosted Virtual Machines – if it was deployed to run an unsupported version of Windows – the data could potentially still be accessed in a back up version. Rather than needing to pay the ransom, the IT department could just roll back to an older version of the VM or database, apply the patches that had been put in place and then move on.
In this scenario, the cloud is not necessarily more secure, however it would be easier to recover. However, there are a few tools available – particularly for Azure – that do make the cloud much more secure and a better choice for businesses wanting to protect their valuable data.
Azure Security Center
Azure Security Center is a Microsoft Product that is designed to manage policies across your Azure deployment. It includes a dull range of tools to handle security.
Core to the Security Center is a suite of tools that can be used to define security across different areas. The Suite includes recommended actions to take and take the guesswork out of what is required at various levels.
A key feature of Azure Security Center is the availability of third party solutions that can be deployed from inside the suite. Tools from most major firewall providers and antivirus providers are available. Rather than just being available as an app model, third party security solutions are integrated for data collections to allow analysis through a single dashboard making spotting security threats more straightforward.
Analytics software within Azure Security Center detects threats quickly and provides notification of any events. This means that risks can be addressed before they become critical. The depth of data available through Microsoft’s wider resources means that the number of false positives is reduced.
If an attack does affect data or systems in Azure, the Security Center provides the insights about exactly what resources have been affected. This means a quicker clean-up is possible with solutions suggested by the tools.
Ready to Find out More?
Valto’s team are fully qualified Microsoft Azure consultants with experience in deploying and providing ongoing Azure management. Talk to us about your security needs today and find out how we can help you achieve your IT Strategy goals. Call now 03335 779 009 .