Welcome!

@CloudExpo Authors: Yeshim Deniz, Elizabeth White, Liz McMillan, Pat Romanski, Charles Araujo

Related Topics: @CloudExpo, Cloud Security, @DXWorldExpo

@CloudExpo: Article

Ransomware in the Age of #SaaS | @CloudExpo SDN #AI #ML #CloudSecurity

There’s a rapidly evolving range of threats that SaaS users face on their own side that SaaS providers have no control over

Protecting Data and Applications in the Age of SaaS

Recent market analysis from Cisco demonstrates the torrid adoption of cloud-based services. By 2019, more than four-fifths of all data center traffic, 83 percent, will be based in the cloud (up from 65 percent today). Most of this action will be going to public cloud services, which will account for 56 percent of all cloud workloads. In terms of type of cloud services, a majority will be applications, as the study finds Software as a Service (SaaS) is and will continue to be the dominant mode. Currently, about 45 percent of cloud implementations are SaaS; this figure is expected to grow to 59 percent by 2019, and SaaS adoption is particularly widespread among SMBs.

The increasing trust and confidence in public cloud services has contributed, and is continuing to contribute, to the growth in SaaS adoption for mission-critical workloads. More specifically, companies using or considering SaaS are often attracted to the greater level of cybersecurity protection that SaaS providers can deliver, including installations, maintenance, upgrades and patches.

However, there's a rapidly evolving range of threats that SaaS users face on their own side that SaaS providers have no control over. These include ransomware, various insider threats and third-party apps. Ensuring a high level of protection and security for SaaS-based data and apps depends as much on SaaS users addressing these client-side threats as it does on the cybersecurity resilience of SaaS providers. Here, we'll explore these primary threats and offer tips for SaaS users to address them.

Ransomware on the Rise
Ransomware - a form of cyberattack where hackers seize and encrypt data, and demand compensation (Bitcoin) for data to be unlocked - is now the biggest malware threat in the world. Undercapitalized and outgunned small businesses are increasingly the target of ransomware. According to recent research from Kaspersky Lab, 42 percent of SMBs worldwide suffered a ransomware-based attack between late 2015 to late 2016. Of those, one in three paid up the ransom, but one in five never got their files back, despite paying.

SaaS users may initially believe that using a SaaS provider naturally protects them from this kind of attack. Cloud file solutions like Google Drive create a second copy of local data that is stored in the cloud. But this doesn't mean your data is backed up and protected. If you're infected with ransomware, the files on a local hard drive will be held for ransom (by encryption) and any backup copies in Google Drive will be overwritten when the computer is synced. This means the "backup" data is now essentially also being held for ransom.

Proper backup is the only true protection for SaaS users - and all organizations for that matter - to guard against ransomware attacks. One effective technique is cloud-to-cloud backup, which enables data stored in one cloud to be backed up to another cloud. This type of backup can be automated, for maximum ease and resource-efficiency. In the future, we expect backup capabilities to deliver more automated ransomware protection - not just backing up data, but actually identifying ransomware attacks and the impacted files. This will help expedite data recovery and minimize any potential business disruption and downtime.

Insider Threats
Another major security problem today is insiders - according to Verizon, insiders are responsible for up to 90 percent of security incidents. This does not mean, however, that all these insiders have ill intentions. Most insider-driven security breaches are committed by innocent workers who are unaware they're actually doing something wrong, and creating major risks.

Consider an employee who moves sensitive data from a SaaS application to their personal iPad, or even their personal email address, in order to work on it at home. Their aim is good - to be more productive - but practices such as these can be hazardous. In the simplest example, this employee may lose their device and it may fall into the wrong hands. Or, the employee may switch jobs and go to a competitor, and then have full access to this SaaS data via their personal email account.

To address these threats, organizations should instill a culture of security and implement training on how employees can avoid certain practices that inadvertently create risk - from sharing passwords, to clicking on suspicious email links, to downloading and sending data to personal devices and email accounts. As the Ponemon Institute notes, "Good protection starts at the computer."

But given the speed at which most workers are moving today, it is important to supplement this training with automated protections and supports. SaaS users can also benefit from automated solutions that identify and delete risky data sharing practices and alert IT to risky or unusual user behaviors. These types of oversights can help minimize unnecessary risk exposure.

Third-Party Apps
Third-party apps that connect directly to SaaS data and applications are another major threat. Often, employees will download third-party apps - for functions like calendar or messaging, for example - in order to supplement the functionality of their SaaS apps. However, they often do this without express IT permission, a trend known as "shadow IT." Their intentions may be good, but if any one of these apps is backed by a malicious party, that party now has a full-access pass to critical SaaS data and applications.

Consider the case of the recent Gooligan malware, an Android-based malware that has compromised more than one million Google accounts, hundreds of them associated with enterprise users. The infection began when users downloaded and installed a Gooligan-infected app from a third-party app store on a vulnerable Android device. Through a process called rooting, Gooligan then stole Google account and authentication token information and launched a sinister money-making scheme, downloading apps and giving them positive reviews, as well as installing adware to fraudulently generate revenues.

While the Gooligan hackers' ultimate goal proved not to be data theft, they could have inflicted major damage. According to researchers, a total of 86 apps available in third-party marketplaces carried the malware, and collectively they had the power to root 74 percent of all Android phones worldwide. Gooligan was just the latest (and perhaps most eye-opening) example of the potential danger that third-party apps can pose to the security of connected SaaS-based data and applications. Industry research shows that the use of third-party apps within enterprises has increased 30 times over the past two years, and more than a quarter of these apps are risky. Given the acceleration of third-party app downloads - which isn't expected to slow anytime soon - SaaS users should frequently scan third-party applications accessing SaaS systems, as well as "blacklist" and remove any identified as suspicious.

Conclusion
Both SaaS providers and users face a rapidly evolving threat environment, and protection and security of SaaS-based data and applications must be a shared endeavor. SaaS providers have made great strides in their security standardizations, but it is impossible for them to address the range of threats that lie on the client-side, including ransomware, insider threats and third-party apps. SaaS users must assume this responsibility and understand the important role they play in ensuring the security and protection of their own data and apps based in the cloud.

More Stories By Dmitry Dontsov

Dmitry Dontsov, CEO of Spinbackup, has wide technology and marketing expertise in the area of cloud apps development and management. In addition to being the CEO and Co-founder of Spinbackup, he is the Co-founder of Bridge and founder of Optimum Web Outsourcing.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
FinTechs use the cloud to operate at the speed and scale of digital financial activity, but are often hindered by the complexity of managing security and compliance in the cloud. In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud Raxak, showed how proactive and automated cloud security enables FinTechs to leverage the cloud to achieve their business goals. Through business-driven cloud security, FinTechs can speed time-to-market, diminish risk and costs, maintain continu...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
DXWorldEXPO LLC announced today that ICC-USA, a computer systems integrator and server manufacturing company focused on developing products and product appliances, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City. ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of ...
The taxi industry never saw Uber coming. Startups are a threat to incumbents like never before, and a major enabler for startups is that they are instantly “cloud ready.” If innovation moves at the pace of IT, then your company is in trouble. Why? Because your data center will not keep up with frenetic pace AWS, Microsoft and Google are rolling out new capabilities. In his session at 20th Cloud Expo, Don Browning, VP of Cloud Architecture at Turner, posited that disruption is inevitable for comp...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
Sanjeev Sharma Joins November 11-13, 2018 @DevOpsSummit at @CloudEXPO New York Faculty. Sanjeev Sharma is an internationally known DevOps and Cloud Transformation thought leader, technology executive, and author. Sanjeev's industry experience includes tenures as CTO, Technical Sales leader, and Cloud Architect leader. As an IBM Distinguished Engineer, Sanjeev is recognized at the highest levels of IBM's core of technical leaders.
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
HyperConvergence came to market with the objective of being simple, flexible and to help drive down operating expenses. It reduced the footprint by bundling the compute/storage/network into one box. This brought a new set of challenges as the HyperConverged vendors are very focused on their own proprietary building blocks. If you want to scale in a certain way, let's say you identified a need for more storage and want to add a device that is not sold by the HyperConverged vendor, forget about it...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
Deep learning has been very successful in social sciences and specially areas where there is a lot of data. Trading is another field that can be viewed as social science with a lot of data. With the advent of Deep Learning and Big Data technologies for efficient computation, we are finally able to use the same methods in investment management as we would in face recognition or in making chat-bots. In his session at 20th Cloud Expo, Gaurav Chakravorty, co-founder and Head of Strategy Development ...
Evan Kirstel is an internationally recognized thought leader and social media influencer in IoT (#1 in 2017), Cloud, Data Security (2016), Health Tech (#9 in 2017), Digital Health (#6 in 2016), B2B Marketing (#5 in 2015), AI, Smart Home, Digital (2017), IIoT (#1 in 2017) and Telecom/Wireless/5G. His connections are a "Who's Who" in these technologies, He is in the top 10 most mentioned/re-tweeted by CMOs and CIOs (2016) and have been recently named 5th most influential B2B marketeer in the US. H...
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
In his session at 21st Cloud Expo, James Henry, Co-CEO/CTO of Calgary Scientific Inc., introduced you to the challenges, solutions and benefits of training AI systems to solve visual problems with an emphasis on improving AIs with continuous training in the field. He explored applications in several industries and discussed technologies that allow the deployment of advanced visualization solutions to the cloud.
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, provided a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services with...
Containers are rapidly finding their way into enterprise data centers, but change is difficult. How do enterprises transform their architecture with technologies like containers without losing the reliable components of their current solutions? In his session at @DevOpsSummit at 21st Cloud Expo, Tony Campbell, Director, Educational Services at CoreOS, will explore the challenges organizations are facing today as they move to containers and go over how Kubernetes applications can deploy with lega...
In their session at @DevOpsSummit at 21st Cloud Expo, Michael Berman, VP Engineering at TidalScale, and Ivo Jimenez, Engineer at TidalScale, will describe how automating tests in TidalScale is easy thanks to WaveRunner. They will show how they use WaveRunner, Jenkins, and Docker to have agile delivery of TidalScale. Michael Berman is VP Engineering at TidalScale. TidalScale is developing a scale up compute and resource architecture for customers to perform big data exploration and real time anal...