Should Organisations Avoid Cloud?
Following SolarWinds attack
This is a Press Release edited by StorageNewsletter.com on December 25, 2020 at 2:17 pm
This article was written by Aron Brand, CTO, CTERA Networks, Ltd.
Should organisations avoid the cloud, following SolarWinds attack?
The SolarWinds attack is forcing enterprise and government organizations to face a hard truth: they don’t have visibility into the security processes of their IT vendors. At a time when cloud services have become mainstream elements of an IT agenda, it’s jarring to see Microsoft, VMware, and many other cloud vendors having been impacted by this attack.
We are not suggesting that organizations avoid cloud; quite the opposite. But you must secure cloud as you would any infrastructure you own. Let the SolarWinds hack serve as a wake-up call for any organization leveraging public cloud services.
Build high walls around your data:
1 Ensure that you generate and own your data encryption keys, and no one – not even your cloud provider – can access or control them. Completely protecting your data from any third party will ensure your data is not exposed the event of a hack.
2 Understand options for multi-cloud deployments and for developing a private cloud that can be fully deployed in your datacenter where critical assets can be stored.
3 As part of your vendor management program, require your IT suppliers to implement stringent supply chain security, using certifications such as Open Trusted Technology Provider Standard.
Subscribe to our free daily newsletter
