The role of the cloud in the modern security architecture
by Mirko Zorz - Editor in Chief - Thursday, 31 July 2014.
In this interview, Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud is shaping the modern security architecture.

How is the cloud shaping the modern security architecture? Have we reached the point where it's unpractical not to use it?

Leveraging the cloud is really inevitable. IT organizations are moving infrastructure, applications, and data to the cloud for management benefits, and end user organizations appreciate the benefits of cloud services for more rapid time-to-value.

The cloud brings new issues to IT organizations:
  • Change in attack surface. As IT organizations move their applications and their data to public clouds and SaaS, there are new surfaces for hackers to attack.
  • Loss of control over devices and networks. As cloud enables anytime / anywhere access, users are accessing their data from devices and networks not controlled by the company.
  • Empowerment of end user organizations. The emergence of the cloud has empowered end user organizations (e.g., sales, marketing, HR, support) to deploy applications without IT involvement, dramatically impacting governance issues around security posture.
  • Shift in IT resource allocation. Usage of the cloud shifts the burden of hosting servers on premises toward providing adequate network connectivity and traffic prioritization to business critical cloud services. It also requires a shift in allocation from traditional backhauling of data center traffic over private networks towards providing local Internet access from remote offices.

Still, there is much to be leveraged in the security architecture by providing security in the cloud:
  • Ability to provide protection everywhere. Utilizing cloud security services can help protect users wherever they are connected and still provide central IT management and reporting on security posture.
  • Ability to terminate connections and analyze threats to block them before they reach the customer's networks or devices.
  • Ability to leverage vast amounts of crowd-sourced data in real-time to perform functions such as global Bayesian analysis or polymorphic virus detection that were previously inaccessible to organizations who did not leverage the cloud.
  • Ability to provide redundancy during customer site outages.
  • Ability to leverage elastic-compute to handle operations that may exceed the processing power of typical endpoint network security devices.

What security technologies have benefited the most from the cloud?

Many technologies benefit from the cloud. One of the most impactful has been cloud-based, real-time threat protection.

The familiar security concept introduced by desktop anti-virus vendors was to collect virus samples from some subset of customers, produce definitions and have endpoints download those definitions on a periodic basis. The relative isolation of every individual attack instance on which to collect data and the periodic nature of updates in the old world created relatively long attack windows for attackers to exploit.

With the adoption of real-time threat protection services that leverage the cloud, real-time lookups themselves can generate data that can be used to make block decisions instantly, thwarting attacks automatically once they are released in the wild. This use of cloud and big data has dramatically reduced the length of attack windows, in many cases changing the economics and targeting of attacks in general.

