Ransomware in the Age of SaaS

There’s a rapidly evolving range of threats that SaaS users face on their own side that SaaS providers have no control over

Protecting Data and Applications in the Age of SaaS

Recent market analysis from Cisco demonstrates the torrid adoption of cloud-based services. By 2019, more than four-fifths of all data center traffic, 83 percent, will be based in the cloud (up from 65 percent today). Most of this action will be going to public cloud services, which will account for 56 percent of all cloud workloads. In terms of type of cloud services, a majority will be applications, as the study finds Software as a Service (SaaS) is and will continue to be the dominant mode. Currently, about 45 percent of cloud implementations are SaaS; this figure is expected to grow to 59 percent by 2019, and SaaS adoption is particularly widespread among SMBs.

The increasing trust and confidence in public cloud services has contributed, and is continuing to contribute, to the growth in SaaS adoption for mission-critical workloads. More specifically, companies using or considering SaaS are often attracted to the greater level of cybersecurity protection that SaaS providers can deliver, including installations, maintenance, upgrades and patches.

However, there's a rapidly evolving range of threats that SaaS users face on their own side that SaaS providers have no control over. These include ransomware, various insider threats and third-party apps. Ensuring a high level of protection and security for SaaS-based data and apps depends as much on SaaS users addressing these client-side threats as it does on the cybersecurity resilience of SaaS providers. Here, we'll explore these primary threats and offer tips for SaaS users to address them.

Ransomware on the Rise
Ransomware - a form of cyberattack where hackers seize and encrypt data, and demand compensation (Bitcoin) for data to be unlocked - is now the biggest malware threat in the world. Undercapitalized and outgunned small businesses are increasingly the target of ransomware. According to recent research from Kaspersky Lab, 42 percent of SMBs worldwide suffered a ransomware-based attack between late 2015 and late 2016. Of those, one in three paid the ransom, but one in five never got their files back, despite paying.

SaaS users may initially believe that using a SaaS provider naturally protects them from this kind of attack. Cloud file solutions like Google Drive create a second copy of local data that is stored in the cloud. But this doesn't mean your data is backed up and protected. If you're infected with ransomware, the files on a local hard drive will be held for ransom (by encryption) and any backup copies in Google Drive will be overwritten when the computer is synced. This means the "backup" data is now essentially also being held for ransom.

Proper backup is the only true protection for SaaS users - and all organizations for that matter - to guard against ransomware attacks. One effective technique is cloud-to-cloud backup, which enables data stored in one cloud to be backed up to another cloud. This type of backup can be automated, for maximum ease and resource-efficiency. In the future, we expect backup capabilities to deliver more automated ransomware protection - not just backing up data, but actually identifying ransomware attacks and the impacted files. This will help expedite data recovery and minimize any potential business disruption and downtime.
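
The difference between a synced copy and a versioned backup, and the kind of automated detection anticipated above, can be shown in a short sketch. This is an added example, not code from the article or from any backup product; the snapshot layout, file names, thresholds and the `.locked` suffix are assumptions, and the sample data is constructed.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: encrypted data sits near 8.0, plain text far lower."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def impacted_files(prev: dict, curr: dict, high: float = 7.5, jump: float = 2.0) -> list:
    """Paths in `curr` whose content turned from low to high entropy since `prev`."""
    hits = []
    for path, new in curr.items():
        old = prev.get(path)
        if old is None:  # ransomware often appends a suffix: name.ext.<suffix>
            old = prev.get(path.rsplit(".", 1)[0])
        if old is None or old == new:
            continue
        e_old, e_new = shannon_entropy(old), shannon_entropy(new)
        # Limitation: files that were already compressed (zip, jpg) show no jump.
        if e_new >= high and e_new - e_old >= jump:
            hits.append(path)
    return sorted(hits)

def last_clean_snapshot(snapshots: list, min_ratio: float = 0.5):
    """Return (index of last clean snapshot, impacted paths) or None if no event."""
    for i in range(1, len(snapshots)):
        hits = impacted_files(snapshots[i - 1], snapshots[i])
        if len(hits) / max(len(snapshots[i]), 1) >= min_ratio:
            return i - 1, hits
    return None

def fake_ciphertext(seed: bytes, blocks: int = 128) -> bytes:
    """Constructed stand-in for encrypted content (deterministic random-looking bytes)."""
    return b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(blocks))

# Constructed sample data: three daily snapshots of a small shared folder.
DOCS = {
    "finance/q3.csv": b"region,revenue\nnorth,1200\nsouth,980\n" * 40,
    "hr/policy.txt": b"Employees must lock their screens when away.\n" * 40,
    "notes/todo.txt": b"call vendor; renew licence; review access list\n" * 40,
}
SNAPSHOTS = [
    DOCS,                                                                   # day 1: clean
    {**DOCS, "notes/todo.txt": DOCS["notes/todo.txt"] + b"ship backup\n"},  # day 2: normal edit
    {"finance/q3.csv": fake_ciphertext(b"a"),                               # day 3: after infection
     "hr/policy.txt": fake_ciphertext(b"b"),
     "notes/todo.txt.locked": fake_ciphertext(b"c")},
]

if __name__ == "__main__":
    print(last_clean_snapshot(SNAPSHOTS))
```

A sync folder only ever holds the equivalent of `SNAPSHOTS[-1]`, which is why it cannot serve as a backup; a versioned backup can restore the snapshot index this function returns.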

Insider Threats
Another major security problem today is insiders - according to Verizon, insiders are responsible for up to 90 percent of security incidents. This does not mean, however, that all these insiders have ill intentions. Most insider-driven security breaches are committed by innocent workers who are unaware they're actually doing something wrong, and creating major risks.

Consider an employee who moves sensitive data from a SaaS application to their personal iPad, or even their personal email address, in order to work on it at home. Their aim is good - to be more productive - but practices such as these can be hazardous. In the simplest example, this employee may lose their device and it may fall into the wrong hands. Or, the employee may switch jobs and go to a competitor, and then have full access to this SaaS data via their personal email account.

To address these threats, organizations should instill a culture of security and implement training on how employees can avoid certain practices that inadvertently create risk - from sharing passwords, to clicking on suspicious email links, to downloading and sending data to personal devices and email accounts. As the Ponemon Institute notes, "Good protection starts at the computer."

But given the speed at which most workers are moving today, it is important to supplement this training with automated protections and supports. SaaS users can also benefit from automated solutions that identify and delete risky data sharing practices and alert IT to risky or unusual user behaviors. This kind of oversight can help minimize unnecessary risk exposure.

Third-Party Apps
Third-party apps that connect directly to SaaS data and applications are another major threat. Often, employees will download third-party apps - for functions like calendar or messaging, for example - in order to supplement the functionality of their SaaS apps. However, they often do this without express IT permission, a trend known as "shadow IT." Their intentions may be good, but if any one of these apps is backed by a malicious party, that party now has a full-access pass to critical SaaS data and applications.

Consider the case of the recent Gooligan malware, an Android-based malware that has compromised more than one million Google accounts, hundreds of them associated with enterprise users. The infection began when users downloaded and installed a Gooligan-infected app from a third-party app store on a vulnerable Android device. Through a process called rooting, Gooligan then stole Google account and authentication token information and launched a sinister money-making scheme, downloading apps and giving them positive reviews, as well as installing adware to fraudulently generate revenues.

While the Gooligan hackers' ultimate goal proved not to be data theft, they could have inflicted major damage. According to researchers, a total of 86 apps available in third-party marketplaces carried the malware, and collectively they had the power to root 74 percent of all Android phones worldwide. Gooligan was just the latest (and perhaps most eye-opening) example of the potential danger that third-party apps can pose to the security of connected SaaS-based data and applications. Industry research shows that the use of third-party apps within enterprises has increased 30 times over the past two years, and more than a quarter of these apps are risky. Given the acceleration of third-party app downloads - which isn't expected to slow anytime soon - SaaS users should frequently scan third-party applications accessing SaaS systems, as well as "blacklist" and remove any identified as suspicious.
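
One way to run the periodic scan recommended above, as an added example rather than code from the article or any vendor. The app IDs, users, grant-export format and triage policy are assumptions, the sample rows are constructed, and the scope strings are Google OAuth scopes used as sample values.

```python
from collections import defaultdict

# Scopes that give an app broad access to mail or files (sample policy, an assumption).
BROAD_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/drive",
}
APPROVED = {"client-id-calendar-sync"}     # apps IT has reviewed (hypothetical IDs)
BLOCKLIST = {"client-id-free-wallpapers"}  # apps already identified as suspicious

# Constructed sample of a token-grant export: one row per user per app.
GRANTS = [
    {"user": "ana@example.com", "app": "client-id-calendar-sync",
     "scopes": ["https://www.googleapis.com/auth/calendar"]},
    {"user": "bo@example.com", "app": "client-id-pdf-helper",
     "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"user": "cy@example.com", "app": "client-id-pdf-helper",
     "scopes": ["https://www.googleapis.com/auth/drive.file"]},
    {"user": "cy@example.com", "app": "client-id-free-wallpapers",
     "scopes": ["https://mail.google.com/"]},
    {"user": "di@example.com", "app": "client-id-notes",
     "scopes": ["https://www.googleapis.com/auth/drive.file"]},
]

def audit(grants, approved=APPROVED, blocklist=BLOCKLIST, broad=BROAD_SCOPES):
    """Group grants by app and return {app: (action, affected users, reason)}."""
    by_app = defaultdict(lambda: {"users": set(), "scopes": set()})
    for g in grants:
        by_app[g["app"]]["users"].add(g["user"])
        by_app[g["app"]]["scopes"].update(g["scopes"])
    report = {}
    for app, info in by_app.items():
        # An app is judged by the widest scope any single user granted it.
        risky = sorted(info["scopes"] & broad)
        if app in blocklist:
            action, reason = "revoke", "on blocklist"
        elif risky and app not in approved:
            action, reason = "review", "unapproved app holds broad scope: " + ", ".join(risky)
        elif app not in approved:
            action, reason = "monitor", "unapproved app (shadow IT), narrow scopes only"
        else:
            action, reason = "allow", "approved by IT"
        report[app] = (action, sorted(info["users"]), reason)
    return report

if __name__ == "__main__":
    for app, (action, users, reason) in sorted(audit(GRANTS).items()):
        print(f"{action:8} {app:28} users={users} ({reason})")
```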

Conclusion
Both SaaS providers and users face a rapidly evolving threat environment, and protection and security of SaaS-based data and applications must be a shared endeavor. SaaS providers have made great strides in their security standardizations, but it is impossible for them to address the range of threats that lie on the client-side, including ransomware, insider threats and third-party apps. SaaS users must assume this responsibility and understand the important role they play in ensuring the security and protection of their own data and apps based in the cloud.

More Stories By Dmitry Dontsov

Dmitry Dontsov, CEO of Spinbackup, has wide technology and marketing expertise in the area of cloud apps development and management. In addition to being the CEO and Co-founder of Spinbackup, he is the Co-founder of Bridge and founder of Optimum Web Outsourcing.
