Skip to content

Cybersecurity is a Top Risk Across All Industries

By Rob Phillips, Market Vice President, Pittsburgh

Most CEO surveys today rank cybersecurity threats as a top-five risk, regardless of industry type. CEOs care about data breaches and ransomware attacks because attacks have become so common, regardless of organizational size or IT staff expertise. CEOs know that a ransomware infection or a data breach can put the life of the organization at risk.

Security best practices are difficult and expensive to implement

Internal IT staff often struggles to maintain an up-to-date, standardized set of security best practices. Why? Keeping security systems running and updated with proper patches and policies is time-consuming, expensive, and difficult. New threats often require new tools or new security equipment. Few internal IT staffs can keep up with the ever-changing landscape of threats.

How can cloud infrastructure reduce the risk?

Enterprise Cloud Infrastructure platforms have best-in-class security features baked into the architecture, which enables a secure-by-default cloud experience. For instance, standard security features include: Active Directory integration, micro-segmentation, data encryption at rest, multi-factor authentication (MFA), and role-based access control (RBAC). Running applications on a fully managed Enterprise cloud platform can help you implement security best practices without having to evaluate security tools, purchase, license, implement, maintain, and update these tools.

Internal IT staff needs only to work with the cloud infrastructure provider to understand the security features, then work with the provider to select and configure based on the organization’s security posture. Co-management of security tools by an enterprise cloud provider will free up your IT staff to focus on strategic projects and will reduce the ever-present cybersecurity burden on your staff and IT environment.

What security expectations should I have for an enterprise cloud provider?

The best enterprise cloud providers deliver these security best practices as a standard part of their offering:

•    Multiple firewalls with automated threat management and protection – Firewalls define a secure perimeter to prevent access by bad actors and to alert you if someone tries.

•    Disk-based encryption at rest – All company data is encrypted on cloud storage, making the data even more difficult to read, even in the event of a breach.

•    Multi-factor authentication (MFA) for administrators – Like an ATM card with a PIN, MFA only allows Administrators to access systems if they have a physical security token plus a passcode.

•    Network micro-segmentation – Limiting which servers can talk to each other limits systems access by bad actors even if a breach were to occur.

•    Logging and optional log aggregation of activity on computer systems with the ability to audit those logs allows forensic teams to evaluate what happened during a breach or an attempt.

Can’t I do the same thing internally?

Yes, you can implement similar tools internally, but the cost of implementing the best practices mentioned above and their associated tools can run upwards of tens of thousands of dollars per year once you factor in acquisition costs, support, maintenance, upgrades, troubleshooting and continuing education.

Today, companies leverage Enterprise cloud to increase security and decrease administration, while focusing on the business at hand.