2016 Security Predictions: #4 – Cloud services will increase attack surface and burden perimeter security
Back in the good old days, networks were relatively well-defined. Servers were provisioned in the data center or the DMZ. Organizations could lock down their sensitive data and carefully monitor access to servers with data center and intranet security tools.
Those “good old days” are gone. Today, many organizations are migrating their application servers to the cloud, or they are ditching their existing applications and moving to software-as-a-service (SaaS) solutions such as CRM, HR, email and file sharing apps. Organizations are also embracing cloud productivity apps such as Microsoft Office 365 and Google for Work.
The transition to cloud services has slashed costs and allowed easy access to business apps from any location. However, cloud applications have also introduced new security challenges, including:
- An increased attack surface: Before, attackers needed to gain access to the corporate network before they could probe and attack applications. With applications hosted in the cloud, malicious users can now attack apps from any location and any device.
- Uneven data monitoring and auditing: Organizations should track access to sensitive data to detect and stop suspicious activity and to support forensics. But it is much more difficult to monitor access to third-party SaaS applications than internal apps because the apps are hosted in the cloud and application traffic is often encrypted.
- Limited control over security: Organizations must rely on SaaS vendors to implement strong defenses and to quickly fix vulnerabilities that arise. While many SaaS vendors have undergone rigorous SAS 70 or ISO 27001 audits, they are also under pressure to rapidly innovate and to support Application Programming Interfaces (APIs) for third-party integration; these business demands could lead to more vulnerabilities.
- Increased traffic at the network perimeter: The adoption of cloud-based services will inevitably increase the load on secure web gateways and perimeter firewalls. Since much of this traffic is encrypted (see security prediction #1), businesses must ensure that their security devices can keep up with demand.