Connect with us

TECHNOLOGY

Security at Any Size! Cloud-Based Security for Small & Medium-Sized Organizations

Published

on

Security at Any Size! Cloud-Based Security for Small & Medium-Sized Organizations

Security at Any Size! Cloud-Based Security for Small & Medium-Sized Organizations

The threats and risks associated with cybersecurity are continuously evolving.

For small and medium-sized businesses (SMBs), the challenges can be greater still due to limits on resources and expertise, alongside issues as diverse as outdated software and patching, speed and complexity of change, talent and skills gaps, compliance requirements, lack of IT infrastructure visibility and disconnected data sources – the list goes on!

And this is a risk sector that is growing just as fast as SMBs continue to matter ever more to our global and national economies. This is evidenced across multiple cybersecurity practitioner studies, with the Data Breach Investigations Report of 2022 (research by Verizon) finding over 75% of cyber-security incidents occurred at SMBs, up from 55%. Additionally, the recent “State of IT Security for SMBs in 2022-2023” by Devolutions which identified ransomware (81%), phishing (69%) and malware (38%) as leading concerns – but equally revealed a key juxtaposition too.

Whilst an eye-watering 60% of SMBs experienced at least 1 cyberattack in the previous year, only an alarming 18% of SMBs reported checking all key IT security areas imperative to protect against cyberattacks which are only increasing in scope, sophistication and scale — and further still, some 13% reported NOT implementing ANY essential IT security measures. This highlights an overriding priority – moving beyond heightened cybersecurity awareness and SMB’s experience of impacts – to preventing security issues from causing business disruption. Let’s turn now to the ‘why’s’ and & ‘hows’ of addressing!

Advertisement

SMB_Cyber_Security_Challenges.png

SMB Cyber Security Challenges

Compared to larger enterprises, SMBs typically experience unique or a more complex set of cybersecurity challenges. Some of the most notable include:

⚙️Limited Budgets: Most SMBs operate with limited financial resources, which means that they might not be able to invest heavily in state-of-the-art cybersecurity tools and solutions.

⚙️Lack of Expertise: SMBs might not have dedicated IT or cybersecurity staff, making it hard to stay updated on the latest threats and best practices.

⚙️Underestimation of Threats: Many SMBs mistakenly believe that they are not targets for cyberattacks due to their smaller size, but in reality, many cybercriminals target SMBs precisely because they tend to have weaker defences.

⚙️Resource Constraints: Beyond financial constraints, SMBs might lack the necessary human resources or technical infrastructure to implement robust cybersecurity measures.

⚙️Legacy Systems: Due to budget and resource constraints, SMBs might be using outdated hardware and software that are more vulnerable to security breaches.

Advertisement

⚙️Lack of Policies and Training: SMBs might not have formal cybersecurity policies or regular employee training in place, leading to employees being unaware of best practices and potential risks. This includes simulation exercises around threats and roles in that context.

⚙️Supply Chain Vulnerabilities: If an SMB is part of a larger supply chain, a cyberattack targeting the SMB might be intended to breach a larger enterprise via the SMB’s weaker security.

⚙️BYOD (Bring Your Own Device) Risks: Without a strict IT policy, employees might use personal devices for business purposes, which may not have the same security controls as company-provided devices.

⚙️Rapid Growth Challenges: If an SMB experiences rapid growth, they might onboard new technologies and employees quickly without adequately considering security implications.

⚙️Regulatory and Compliance Issues: SMBs in certain sectors might be subject to regulatory compliance (e.g., GDPRHIPAA) but lack resources or knowledge to ensure their compliance.

⚙️Recovery Limitations: In the event of a cyber incident, SMBs might not have a comprehensive backup and recovery strategy, making it harder to restore operations to a pre-attack state.

Advertisement

⚙️Physical Security Oversights: SMBs might focus heavily on digital threats and overlook physical security, for example securing server rooms or disposing of old hardware safely.

⚙️Move to Cloud: As SMBs increasingly migrate to the cloud for scalability, flexibility, and cost savings, they also face unique cybersecurity challenges alongside the opportunities cloud catalyses – let’s explore this now in more detail!

️Cloud-Based_Security_for_SMBs_️.png

Cloud-Based Security for SMBs 

SMBs, given their limited resources and challenges described above as compared to larger corporations, need to be particularly vigilant about cloud cybersecurity. By following best practices and being proactive, they can significantly mitigate risks and make the very most of cloud technologies and all they enable across scale, flexibility, cost and ultimately – innovation and growth. Cloud data security allows you to securely manage your most important data offsite without the cost of on-premises servers. Here are some of personal best practice reflections and considerations for SMBs in relation to cloud cybersecurity!

✅Cloud Provider Selection: Not all cloud providers offer the same level of security. Before selecting a provider, review their security certifications, compliance standards, and any independent audit reports. Ensure they match your business’s specific needs.

✅Data Encryption: Always encrypt sensitive data both at rest and in transit. Many cloud providers offer encryption services as part of their offerings. Use strong encryption standards and manage encryption keys securely.

✅Multi-factor Authentication (MFA): MFA adds an additional layer of security by requiring two or more verification methods. It’s a simple yet effective way to thwart unauthorized access.

Advertisement

✅Regular Backups: Ensure that you have a robust backup system in place. This not only helps in case of a cyberattack but also in situations like data corruption or accidental deletion.

✅Educate Employees: Many breaches occur due to employee negligence or ignorance. Conduct regular training sessions on best practices, phishing awareness, and secure use of cloud applications.

✅Access Controls: Use the principle of least privilege (PoLP). Only grant access to data and applications that a user needs to perform their job. Regularly review and update permissions.

✅Endpoint Security: Since cloud services can be accessed from various devices, it’s vital to ensure that all endpoints are secure. This includes regular updates, antivirus software, and monitoring for suspicious activity.

✅Secure APIs: If your business uses APIs to connect with other services or tools in the cloud, ensure they are securely coded and regularly monitored.

✅Regular Security Audits: Periodically review and assess your cloud environment for vulnerabilities. This can be done internally or by hiring a third-party service.

Advertisement

✅Incident Response Plan: Even with all the precautions, breaches can happen. Have a clear incident response plan in place so you can act quickly and minimize damage.

✅Review Contracts and SLAs: When signing up with a cloud provider, thoroughly read through the Service Level Agreements (SLAs) and understand who’s responsible for what in terms of security. Some aspects might be the cloud provider’s responsibility, while others might fall on you.

✅Use of CASBs: Cloud Access Security Brokers (CASBs) act as gatekeepers between on-premises infrastructures and cloud providers. They can offer visibility, compliance, data security, and threat protection.

SMB_Cloud-Based_Cyber_Security_Support_with_AWS.jpeg

SMB Cloud-Based Cyber Security Support with AWS

Cloud-based cybersecurity can afford multiple benefits, notably economies of scale to achieve more security at less cost, quick and easy deployment, automatic updates to always keep on the cusp of cutting edge security solutions, redundancy and backup to ensure data safety and business continuity and the accessibility to manage and monitor security from anywhere!

And so to help address the SMB cybersecurity challenge whilst also optimizing cloud computing benefits, AWS has released an eBook freely available 🗞️ here and offering insights into just how a cloud-based approach can address SMB cybersecurity challenges more efficiently and cost-effectively too. The guide also reflects how organizations not only need to address security, but they need to ensure they can adapt to support the increased productivity and scale that cloud-native development brings.

The guide 🗞️covers Security Challenges and Opportunities for SMBs, Best Practices for a Cybersecurity Program Framework, Advantages of Cloud-Based Cybersecurity, Assessing the Right Time for a Cloud-Based Security Approach and How AWS Can Help Secure Your Business – with case studies of real-world implementation by SMB’s. Additional examples can be explored within AWS’s Smart Business Hub including Greenko Group within the Energy Market and Sementes Jotabasso within Large Scale Agriculture.

Advertisement

I would also recommend checking out the AWS Connected Community On Demand Learning Resources, for example the latest episode in the ‘Secure my Business’ Series available now here. Hosted by Oren Waldman, Senior Solutions Architect at Amazon Web Services (AWS) alongside Phillip Knapp, Senior Solutions Engineer this is a brilliant session of bite-sizing learning (c10 minutes) covering the latest cyber-attack prevention advice alongside the AWS Shared Responsibility Model.

And there is more! Based on my personal experience using AWS features and as a judge and mentor across AWS startup and DEI events, here are some additional suggestions around AWS-specific cybersecurity best practices for SMBs!

🌟AWS Identity and Access Management (IAM) Use IAM to create and manage AWS users and permissions. Implement strong password policies for your IAM users. Use roles for applications and services that run on Amazon EC2 instances. Enable Multi-Factor Authentication (MFA) for your AWS root account & privileged IAM users

🌟Amazon S3 Bucket Policies Always ensure that your S3 buckets are not publicly accessible unless intentionally done. Use bucket policies to restrict access to only necessary entities and services.

🌟VPC Security: Use Virtual Private Cloud (VPC) to create a private network for your resources. Use security groups (stateful firewalls) and Network Access Control Lists (stateless firewalls) to control inbound and outbound traffic to resources.

🌟AWS CloudTrail: Enable CloudTrail in all regions to log API calls & give visibility to actions taken in your account

Advertisement

🌟Amazon GuardDuty: Consider enabling GuardDuty, an AWS threat detection service that continuously monitors for malicious or unauthorized behaviour.

🌟AWS Config: Use AWS Config to monitor and assess configurations of your AWS resources. It helps ensure compliance with internal policies and regulatory standards.

🌟Regularly Rotate Access Keys: Regularly rotate and remove unused IAM access keys. Avoid using root account keys; instead, use IAM user access keys.

🌟Encrypt Data: Use AWS Key Management Service (KMS) or other encryption services to encrypt data at rest and in transit.

🌟Backup Regularly: Use services like AWS Backup to automate backups of EBS volumes, RDS databases, DynamoDB tables, and more.

🌟Patch Management: Regularly patch and update your EC2 instances. Consider using AWS Systems Manager Patch Manager for automating the patching process.

Advertisement

🌟Endpoint Security: Protect your EC2 instances with antimalware and intrusion prevention solutions. AWS offers Amazon Inspector, a service that assesses applications for vulnerabilities.

🌟AWS Organizations: If you have multiple AWS accounts, use AWS Organizations to centrally manage policies and ensure compliance.

🌟Incident Response: Be prepared with a plan for potential security incidents. AWS provides documentation and tools to help formulate incident response strategies.

🌟AWS Well-Architected Framework: Follow the security pillar of the AWS Well-Architected Framework for best practices on designing and operating reliable, secure, efficient, and cost-effective systems in the cloud.

Final Thoughts 

As cyber threats become more sophisticated and pervasive, it’s crucial for SMBs to stay informed and proactive in their security approaches! A cloud-based solution, especially with a robust platform like AWS, can provide the scalability, efficiency, and advanced protection that these vital businesses need to thrive in today’s rapidly evolving landscape – and this all aligned to a transparent shared responsibility model.

By understanding the unique challenges SMBs face and utilizing the best practices, solutions and free resources available, you can ensure that your business remains resilient and secure in our ever-changing world, supported by the trusted partnership that allows you to retain focus on your business! Absolutely critical developments here to deliver the vision of cybersecurity protection that enables ‘Security at any Size’ – from Enterprise to SMB alike!

Advertisement

About the Author

A highly experienced chief technology officer, professor in advanced technologies, and a global strategic advisor on digital transformation, Sally Eaves specialises in the application of emergent technologies, notably AI, 5G, cloud, security, and IoT disciplines, for business and IT transformation, alongside social impact at scale, especially from sustainability and DEI perspectives.

An international keynote speaker and author, Sally was an inaugural recipient of the Frontier Technology and Social Impact award, presented at the United Nations, and has been described as the “torchbearer for ethical tech”, founding Aspirational Futures to enhance inclusion, diversity, and belonging in the technology space and beyond. Sally is also the chair for the Global Cyber Trust at GFCYBER.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

TECHNOLOGY

Next-gen chips, Amazon Q, and speedy S3

Published

on

By

Cloud Computing News

AWS re:Invent, which has been taking place from November 27 and runs to December 1, has had its usual plethora of announcements: a total of 21 at time of print.

Perhaps not surprisingly, given the huge potential impact of generative AI – ChatGPT officially turns one year old today – a lot of focus has been on the AI side for AWS’ announcements, including a major partnership inked with NVIDIA across infrastructure, software, and services.

Yet there has been plenty more announced at the Las Vegas jamboree besides. Here, CloudTech rounds up the best of the rest:

Next-generation chips

This was the other major AI-focused announcement at re:Invent: the launch of two new chips, AWS Graviton4 and AWS Trainium2, for training and running AI and machine learning (ML) models, among other customer workloads. Graviton4 shapes up against its predecessor with 30% better compute performance, 50% more cores and 75% more memory bandwidth, while Trainium2 delivers up to four times faster training than before and will be able to be deployed in EC2 UltraClusters of up to 100,000 chips.

The EC2 UltraClusters are designed to ‘deliver the highest performance, most energy efficient AI model training infrastructure in the cloud’, as AWS puts it. With it, customers will be able to train large language models in ‘a fraction of the time’, as well as double energy efficiency.

Advertisement

As ever, AWS offers customers who are already utilising these tools. Databricks, Epic and SAP are among the companies cited as using the new AWS-designed chips.

Zero-ETL integrations

AWS announced new Amazon Aurora PostgreSQL, Amazon DynamoDB, and Amazon Relational Database Services (Amazon RDS) for MySQL integrations with Amazon Redshift, AWS’ cloud data warehouse. The zero-ETL integrations – eliminating the need to build ETL (extract, transform, load) data pipelines – make it easier to connect and analyse transactional data across various relational and non-relational databases in Amazon Redshift.

A simple example of how zero-ETL functions can be seen is in a hypothetical company which stores transactional data – time of transaction, items bought, where the transaction occurred – in a relational database, but use another analytics tool to analyse data in a non-relational database. To connect it all up, companies would previously have to construct ETL data pipelines which are a time and money sink.

The latest integrations “build on AWS’s zero-ETL foundation… so customers can quickly and easily connect all of their data, no matter where it lives,” the company said.

Amazon S3 Express One Zone

AWS announced the general availability of Amazon S3 Express One Zone, a new storage class purpose-built for customers’ most frequently-accessed data. Data access speed is up to 10 times faster and request costs up to 50% lower than standard S3. Companies can also opt to collocate their Amazon S3 Express One Zone data in the same availability zone as their compute resources.  

Companies and partners who are using Amazon S3 Express One Zone include ChaosSearch, Cloudera, and Pinterest.

Advertisement

Amazon Q

A new product, and an interesting pivot, again with generative AI at its core. Amazon Q was announced as a ‘new type of generative AI-powered assistant’ which can be tailored to a customer’s business. “Customers can get fast, relevant answers to pressing questions, generate content, and take actions – all informed by a customer’s information repositories, code, and enterprise systems,” AWS added. The service also can assist companies building on AWS, as well as companies using AWS applications for business intelligence, contact centres, and supply chain management.

Customers cited as early adopters include Accenture, BMW and Wunderkind.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

TECHNOLOGY

HCLTech and Cisco create collaborative hybrid workplaces

Published

on

By

Cloud Computing News

Digital comms specialist Cisco and global tech firm HCLTech have teamed up to launch Meeting-Rooms-as-a-Service (MRaaS).

Available on a subscription model, this solution modernises legacy meeting rooms and enables users to join meetings from any meeting solution provider using Webex devices.

The MRaaS solution helps enterprises simplify the design, implementation and maintenance of integrated meeting rooms, enabling seamless collaboration for their globally distributed hybrid workforces.

Rakshit Ghura, senior VP and Global head of digital workplace services, HCLTech, said: “MRaaS combines our consulting and managed services expertise with Cisco’s proficiency in Webex devices to change the way employees conceptualise, organise and interact in a collaborative environment for a modern hybrid work model.

“The common vision of our partnership is to elevate the collaboration experience at work and drive productivity through modern meeting rooms.”

Advertisement

Alexandra Zagury, VP of partner managed and as-a-Service Sales at Cisco, said: “Our partnership with HCLTech helps our clients transform their offices through cost-effective managed services that support the ongoing evolution of workspaces.

“As we reimagine the modern office, we are making it easier to support collaboration and productivity among workers, whether they are in the office or elsewhere.”

Cisco’s Webex collaboration devices harness the power of artificial intelligence to offer intuitive, seamless collaboration experiences, enabling meeting rooms with smart features such as meeting zones, intelligent people framing, optimised attendee audio and background noise removal, among others.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: Cisco, collaboration, HCLTech, Hybrid, meetings

Source link

Advertisement
Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

TECHNOLOGY

Canonical releases low-touch private cloud MicroCloud

Published

on

By

Cloud Computing News

Canonical has announced the general availability of MicroCloud, a low-touch, open source cloud solution. MicroCloud is part of Canonical’s growing cloud infrastructure portfolio.

It is purpose-built for scalable clusters and edge deployments for all types of enterprises. It is designed with simplicity, security and automation in mind, minimising the time and effort to both deploy and maintain it. Conveniently, enterprise support for MicroCloud is offered as part of Canonical’s Ubuntu Pro subscription, with several support tiers available, and priced per node.

MicroClouds are optimised for repeatable and reliable remote deployments. A single command initiates the orchestration and clustering of various components with minimal involvement by the user, resulting in a fully functional cloud within minutes. This simplified deployment process significantly reduces the barrier to entry, putting a production-grade cloud at everyone’s fingertips.

Juan Manuel Ventura, head of architectures & technologies at Spindox, said: “Cloud computing is not only about technology, it’s the beating heart of any modern industrial transformation, driving agility and innovation. Our mission is to provide our customers with the most effective ways to innovate and bring value; having a complexity-free cloud infrastructure is one important piece of that puzzle. With MicroCloud, the focus shifts away from struggling with cloud operations to solving real business challenges” says

In addition to seamless deployment, MicroCloud prioritises security and ease of maintenance. All MicroCloud components are built with strict confinement for increased security, with over-the-air transactional updates that preserve data and roll back on errors automatically. Upgrades to newer versions are handled automatically and without downtime, with the mechanisms to hold or schedule them as needed.

Advertisement

With this approach, MicroCloud caters to both on-premise clouds but also edge deployments at remote locations, allowing organisations to use the same infrastructure primitives and services wherever they are needed. It is suitable for business-in-branch office locations or industrial use inside a factory, as well as distributed locations where the focus is on replicability and unattended operations.

Cedric Gegout, VP of product at Canonical, said: “As data becomes more distributed, the infrastructure has to follow. Cloud computing is now distributed, spanning across data centres, far and near edge computing appliances. MicroCloud is our answer to that.

“By packaging known infrastructure primitives in a portable and unattended way, we are delivering a simpler, more prescriptive cloud experience that makes zero-ops a reality for many Industries.“

MicroCloud’s lightweight architecture makes it usable on both commodity and high-end hardware, with several ways to further reduce its footprint depending on your workload needs. In addition to the standard Ubuntu Server or Desktop, MicroClouds can be run on Ubuntu Core – a lightweight OS optimised for the edge. With Ubuntu Core, MicroClouds are a perfect solution for far-edge locations with limited computing capabilities. Users can choose to run their workloads using Kubernetes or via system containers. System containers based on LXD behave similarly to traditional VMs but consume fewer resources while providing bare-metal performance.

Coupled with Canonical’s Ubuntu Pro + Support subscription, MicroCloud users can benefit from an enterprise-grade open source cloud solution that is fully supported and with better economics. An Ubuntu Pro subscription offers security maintenance for the broadest collection of open-source software available from a single vendor today. It covers over 30k packages with a consistent security maintenance commitment, and additional features such as kernel livepatch, systems management at scale, certified compliance and hardening profiles enabling easy adoption for enterprises. With per-node pricing and no hidden fees, customers can rest assured that their environment is secure and supported without the expensive price tag typically associated with cloud solutions.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Advertisement

Tags: automation, Canonical, MicroCloud, private cloud

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

Trending

Follow by Email
RSS