Page 5 - AvayaExtra Spring 2016
P. 5
1st Quarter 2016
Telecom Reseller: Extra Report on Avaya 5
PATTERSON
continued from page 1
As a result, many large companies are investing comes to managing sensitive data and le tools are sneaking into organizations under
in the private cloud, while slowing their use of sharing? On average, more than 25 percent of According to one estimate, companies with the noses of IT leaders. In a recent survey,
the public cloud.
employees will upload les containing sensitive more than half of the IT respondents said
According to one estimate, companies with data to the cloud.
more than 1,000 employees use an average that when it came to cloud services, the
more than 1,000 employees use an average
#11: Are your cloud-based applications biggest challenge was assessing the security
of 1,154 cloud-based services, “ranging from being monitored for inbound and outbound of 1,154 cloud-based services, “ranging risk before employee adoption.
enterprise-ready services procured by the IT tra c anomalies? e di erence between
#3: How do you de ne and determine
department such as O ce 365 to far lesser a minor incident and massive breach o en from enterprise-ready services procured by the best ways to deal with cloud abuse? e
known and riskier services such as FreakShare.”
comes down to the ability to quickly detect, Cloud Security Alliance de nes cloud abuse
e report further estimates that sensitive contain and mitigate an attack. Analysts at the the IT department such as Ofice 365 to far as “a bad guy using a cloud service to break
corporate data makes its way to the cloud Ponemon Institute estimate it took retailers, an encryption key too di cult to crack on a
routinely, with 15.8 percent of documents in on average, 197 days to identify an advanced lesser known and riskier services such as standard computer. Another example might
le-sharing services containing some form of threat and 39 days to contain it, while nancial be a malicious hacker using cloud servers to
sensitive content.
services organizations needed 98 days to FreakShare.”
launch a DDoS attack, propagate malware, or
As we mentioned in our mid-year review, identify and 26 to contain.
share pirated so ware.”
“Cybersecurity concerns have led many decision- #10: How exible and collaborative is
#2: What cloud technologies are being
makers to take a step back and consider private your IT department in meeting the challenges A current or former employee, contractor, or a shared, and with whom? Cloud service providers
cloud or hybrid solutions as the starting point. associated with new technologies and quickly business partner with access through IaaS, PaaS, o en share infrastructure, platforms and
Intrusions into corporate databases at Target, responding to security threats? e majority SaaS or traditional infrastructure, can o en be applications to deliver their services in a scalable
Sony, Home Depot and, just recently, the hacking of IT managers are seeing a shi toward more the source of an enterprise’s greatest risk.
way.
of 22.1 million Federal employee records have led collaboration and pooling of previously siloed #6: How do you protect credentials from
“Whether it’s the underlying components that
companies to think twice. Security issues, which resources, opening up opportunities for better the ? In 2010, Amazon was subject to a cross-site make up this infrastructure (e.g. CPU caches,
have always been part of the cloud debate, are cloud security measures.
attack that used malicious scripts in a benign GPUs, etc.) that were not designed to o er strong
now center stage.”
#9: Is your cloud service provider responsible account to launch more attacks. Many companies isolation properties for a multi-tenant architecture
While the above-named breaches generated for security? To fully secure data in the cloud, are prohibiting the sharing of accounts and
(IaaS), re-deployable platforms (PaaS), or multi-
quite a bit of attention, a study by the Ponemon enterprise IT teams should never solely rely on now require strong two-factor authentication customer applications (SaaS), the threat of shared
Institute showed that breaches are much more their cloud provider. Ensure you have a solid techniques.
vulnerabilities exists in all delivery models,” writes
widespread, with an estimated 43 percent of security strategy in place that is agnostic to the #5: Are you ready for next-generation the Cloud Security Alliance.
companies having experienced at least one data location of your data and applications.
technology and the Internet of ings (IoT)? #1: Are you using the right tools? 60 percent
breach in 2014. Clearly, the enterprise cloud and #8: How do you handle the riskiest of apps, Gartner predicts that the IoT market will grow of UK IT managers surveyed by e Register‘s
local applications are both under attack. So what storage? Cloud-based storage applications to 26 billion units by 2020. With the proliferation cloud survey said they were using VPN
are corporations expected to do?
have access to very sensitive corporate data, of connected devices, is it any surprise that IT connections, but only 34 percent said they were
e bright side of this story is that many of the particularly nancial data.
managers are increasingly concerned about the using cloud rewalls or encrypting data at rest.
same security practices used to secure traditional #7: When do you identify and stop malicious security risk of those devices?
“ e numbers continued to drop in regards to
enterprise applications also apply to the cloud.
insiders? A 2015 Experian study claimed that #4: Do you allow employees to use their own other preventative measures until the bottom
To focus on preventing the risk of data employees, particularly those working remotely devices? e rise of bring-your-own-device of the list where only 15 percent said they were
breaches, ask yourself:
or using their own mobile device, accounted for (BYOD) and bring-your-own-application using obfuscation or tokenization of sensitive
#12: What is your company policy when it
more than half of security incidents last year.
(BYOA) means that many cloud services and
data,” e Register reported.
Get more from your Avaya investment...
Choose DevConnect Select Products!
• Handpicked Avaya-compatible products and services
• Eliminate the hassle of managing multiple supplier contracts
• Choose from a growing portfolio of applications
Visit the DevConnect Marketplace
www.devconnectmarketplace.com
