classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018


Getting to the cloud
November 2018, Access Control & Identity Management, Cyber Security, IT infrastructure

South African businesses, like many worldwide, are increasingly shifting applications, services and infrastructure to the cloud where they are more accessible and available, thereby enabling productivity and business continuity for employees. However, according to Securicom, companies are discovering that the cloud presents unique security challenges, amongst which unauthorised access and misuse of employee credentials rank highly.

“Cloud apps and services to empower employee productivity and business continuity are becoming mainstream, but we are definitely noticing a lack of competency and preparedness amongst local businesses in dealing with the associated IT security challenges. The conventional methods of securing IT infrastructure do not adequately address the threats associated with the cloud,” says Securicom’s Richard Broeke.

Similar to findings in the just released Cloud Security Spotlight Report by Crowd Research Partners, Securicom’s experience in the local market also demonstrates that poor management and control of access to cloud-based infrastructure, apps and data in the cloud are a major threat to companies’ IT security.

“Poor access control and misuse of employee credentials means that data is being exposed to people who aren’t authorised to see it. While exposure of salary and income information to unauthorised eyes is never appropriate, things become far more sinister when confidential information such as banking details or sensitive business intelligence is exposed outside the company or is accessed by employees who have malicious intentions.

“Insider threats to IT security are well documented and for the most part, companies have tried to implement controls to on-premise infrastructure to curtail the problem. But these controls are not effective for the cloud. Comprehensive and more effective management and control solutions that are specific to the cloud are needed to protect data in the cloud,” explains Broeke.

Nowadays, companies across most industries operate in a highly regulated environment and are required to control and protect their information. In compliance with their industry or governmental regulations, they should therefore know where their data is, who is able to access it, and how it is being protected. When access to cloud resources is uncontrolled, with the potential of exposing the information they are required to protect, companies are in violation of regulatory requirements which can have serious repercussions. For instance, when employees move restricted data into the cloud without authorisation, business contracts may be violated and legal action could result.

In addition to the information and apps that companies themselves make available in the cloud for their users, employees are also bringing their own preferred apps into the equation. Employees choose apps based on their ability to assist them in working more efficiently but they aren’t aware of the risks of storing corporate data in unsecured apps. With the plethora of apps available, Broeke says a lot of companies do not even know which apps are at play in their enterprises.

“It makes the challenge of protecting information in the cloud more complex because now, in addition to unauthorised people accessing cloud resources which are meant for authenticated personnel only, you also have all levels of users uploading sensitive information to a host of cloud-based apps that you aren’t even aware of,” he says.

“The approach to protecting company information floating in the cloud must therefore encompass controlling access to the company’s cloud-based resources as well as managing the number and nature of cloud based apps that employees introduce to the environment. This must be coupled with setting and enforcing sound security policies across cloud environments,” concludes Broeke.

For more information contact Securicom at www.securicom.co.za


  Share via Twitter   Share via LinkedIn      

Further reading:

  • IDEMIA introduces the MorphoWave Compact
    November 2018, IDEMIA , Access Control & Identity Management
    IDEMIA has released its new MorphoWave Compact by IDEMIA, its new contactless 3D fingerprint biometric terminal.
  • NEC XON talks Industry 4.0 and disruption
    November 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Conferences & Events, Training & Education
    NEC XON held its seventh annual summit at Sun City in October this year in which it focused on the Fourth Industrial Revolution (IR4) and how it would disrupt the status quo.
  • Our dependence on cyber-connectivity
    November 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Government and Parastatal (Industry)
    The health, safety, security, economic well-being of citizens, effective functioning of government and perhaps even the survival of the industrialised world relies heavily upon interconnected critical systems.
  • The building blocks of safe and smart cities
    November 2018, Technews Publishing, This Week's Editor's Pick, Integrated Solutions, IT infrastructure, Government and Parastatal (Industry)
    Hi-Tech Security Solutions asks NEC XON and Vox for insights into what some of the foundations of a safe and smart city are.
  • How close has video analytics grown to AI?
    November 2018, Technews Publishing, CCTV, Surveillance & Remote Monitoring, Cyber Security, Integrated Solutions
    Hi-Tech Security Solutions asks how far artificial intelligence has changed the video analytics market and how it will make an impact in future.
  • Managing business continuity and disaster recovery
    November 2018, Technews Publishing, IT infrastructure, Security Services & Risk Management
    Organisations are increasingly reliant on their IT systems and data, but they are faced with risks in the form of anything from accidental data loss, to deliberate acts of sabotage.
  • Advanced Metering Infrastructure survey
    November 2018, Pinnacle Instruments SA, News, IT infrastructure
    Pinnacle has revealed the results of research conducted on behalf of Huawei Technologies into the global Advanced Metering Infrastructure (AMI) market.
  • Disaster Recovery 2.0
    November 2018, This Week's Editor's Pick, IT infrastructure
    Protecting your business from the unexpected can mitigate the financial and reputational risks of uncontrolled downtime.
  • The need for resilience in national infrastructure
    November 2018, Government and Parastatal (Industry), Cyber Security, Security Services & Risk Management
    The industries and infrastructure on which so much of our daily lives depend are deep in the midst of mass digitisation.
  • Protecting constantly connected users
    November 2018, Products, Cyber Security
    The latest versions of ESET security products offer multi-layered protection, enhanced IoT protection, product referral and a new security report feature.
  • Better city, better life
    November 2018, Ruckus Networks, Integrated Solutions, IT infrastructure
    Cities already account for approximately 70% to 80% of the world’s economic growth, and this will only increase as cities continue to grow.
  • Blockchain explained
    November 2018, IT infrastructure, Cyber Security
    Blockchain: What is it, how it works and how it is being used in the market? A closer look at the technology that is rapidly growing in popularity.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.