Welcome!

Cloud Security Authors: Pat Romanski, Ambuj Kumar, Shelly Palmer, XebiaLabs Blog, Liz McMillan

Related Topics: @CloudExpo, Cloud Security, @BigDataExpo

@CloudExpo: Article

Ransomware in the Age of #SaaS | @CloudExpo SDN #AI #ML #CloudSecurity

There’s a rapidly evolving range of threats that SaaS users face on their own side that SaaS providers have no control over

Protecting Data and Applications in the Age of SaaS

Recent market analysis from Cisco demonstrates the torrid adoption of cloud-based services. By 2019, more than four-fifths of all data center traffic, 83 percent, will be based in the cloud (up from 65 percent today). Most of this action will be going to public cloud services, which will account for 56 percent of all cloud workloads. In terms of type of cloud services, a majority will be applications, as the study finds Software as a Service (SaaS) is and will continue to be the dominant mode. Currently, about 45 percent of cloud implementations are SaaS; this figure is expected to grow to 59 percent by 2019, and SaaS adoption is particularly widespread among SMBs.

The increasing trust and confidence in public cloud services has contributed, and is continuing to contribute, to the growth in SaaS adoption for mission-critical workloads. More specifically, companies using or considering SaaS are often attracted to the greater level of cybersecurity protection that SaaS providers can deliver, including installations, maintenance, upgrades and patches.

However, there's a rapidly evolving range of threats that SaaS users face on their own side that SaaS providers have no control over. These include ransomware, various insider threats and third-party apps. Ensuring a high level of protection and security for SaaS-based data and apps depends as much on SaaS users addressing these client-side threats as it does on the cybersecurity resilience of SaaS providers. Here, we'll explore these primary threats and offer tips for SaaS users to address them.

Ransomware on the Rise
Ransomware - a form of cyberattack where hackers seize and encrypt data, and demand compensation (Bitcoin) for data to be unlocked - is now the biggest malware threat in the world. Undercapitalized and outgunned small businesses are increasingly the target of ransomware. According to recent research from Kaspersky Lab, 42 percent of SMBs worldwide suffered a ransomware-based attack between late 2015 to late 2016. Of those, one in three paid up the ransom, but one in five never got their files back, despite paying.

SaaS users may initially believe that using a SaaS provider naturally protects them from this kind of attack. Cloud file solutions like Google Drive create a second copy of local data that is stored in the cloud. But this doesn't mean your data is backed up and protected. If you're infected with ransomware, the files on a local hard drive will be held for ransom (by encryption) and any backup copies in Google Drive will be overwritten when the computer is synced. This means the "backup" data is now essentially also being held for ransom.

Proper backup is the only true protection for SaaS users - and all organizations for that matter - to guard against ransomware attacks. One effective technique is cloud-to-cloud backup, which enables data stored in one cloud to be backed up to another cloud. This type of backup can be automated, for maximum ease and resource-efficiency. In the future, we expect backup capabilities to deliver more automated ransomware protection - not just backing up data, but actually identifying ransomware attacks and the impacted files. This will help expedite data recovery and minimize any potential business disruption and downtime.

Insider Threats
Another major security problem today is insiders - according to Verizon, insiders are responsible for up to 90 percent of security incidents. This does not mean, however, that all these insiders have ill intentions. Most insider-driven security breaches are committed by innocent workers who are unaware they're actually doing something wrong, and creating major risks.

Consider an employee who moves sensitive data from a SaaS application to their personal iPad, or even their personal email address, in order to work on it at home. Their aim is good - to be more productive - but practices such as these can be hazardous. In the simplest example, this employee may lose their device and it may fall into the wrong hands. Or, the employee may switch jobs and go to a competitor, and then have full access to this SaaS data via their personal email account.

To address these threats, organizations should instill a culture of security and implement training on how employees can avoid certain practices that inadvertently create risk - from sharing passwords, to clicking on suspicious email links, to downloading and sending data to personal devices and email accounts. As the Ponemon Institute notes, "Good protection starts at the computer."

But given the speed at which most workers are moving today, it is important to supplement this training with automated protections and supports. SaaS users can also benefit from automated solutions that identify and delete risky data sharing practices and alert IT to risky or unusual user behaviors. These types of oversights can help minimize unnecessary risk exposure.

Third-Party Apps
Third-party apps that connect directly to SaaS data and applications are another major threat. Often, employees will download third-party apps - for functions like calendar or messaging, for example - in order to supplement the functionality of their SaaS apps. However, they often do this without express IT permission, a trend known as "shadow IT." Their intentions may be good, but if any one of these apps is backed by a malicious party, that party now has a full-access pass to critical SaaS data and applications.

Consider the case of the recent Gooligan malware, an Android-based malware that has compromised more than one million Google accounts, hundreds of them associated with enterprise users. The infection began when users downloaded and installed a Gooligan-infected app from a third-party app store on a vulnerable Android device. Through a process called rooting, Gooligan then stole Google account and authentication token information and launched a sinister money-making scheme, downloading apps and giving them positive reviews, as well as installing adware to fraudulently generate revenues.

While the Gooligan hackers' ultimate goal proved not to be data theft, they could have inflicted major damage. According to researchers, a total of 86 apps available in third-party marketplaces carried the malware, and collectively they had the power to root 74 percent of all Android phones worldwide. Gooligan was just the latest (and perhaps most eye-opening) example of the potential danger that third-party apps can pose to the security of connected SaaS-based data and applications. Industry research shows that the use of third-party apps within enterprises has increased 30 times over the past two years, and more than a quarter of these apps are risky. Given the acceleration of third-party app downloads - which isn't expected to slow anytime soon - SaaS users should frequently scan third-party applications accessing SaaS systems, as well as "blacklist" and remove any identified as suspicious.

Conclusion
Both SaaS providers and users face a rapidly evolving threat environment, and protection and security of SaaS-based data and applications must be a shared endeavor. SaaS providers have made great strides in their security standardizations, but it is impossible for them to address the range of threats that lie on the client-side, including ransomware, insider threats and third-party apps. SaaS users must assume this responsibility and understand the important role they play in ensuring the security and protection of their own data and apps based in the cloud.

More Stories By Dmitry Dontsov

Dmitry Dontsov, CEO of Spinbackup, has wide technology and marketing expertise in the area of cloud apps development and management. In addition to being the CEO and Co-founder of Spinbackup, he is the Co-founder of Bridge and founder of Optimum Web Outsourcing.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
SYS-CON Events announced today that Dasher Technologies will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Dasher Technologies, Inc. ® is a premier IT solution provider that delivers expert technical resources along with trusted account executives to architect and deliver complete IT solutions and services to help our clients execute their goals, plans and objectives. Since 1999, we'v...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities – ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups. As a result, many firms employ new business models that place enormous impor...
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Taica manufacturers Alpha-GEL brand silicone components and materials, which maintain outstanding performance over a wide temperature range -40C to +200C. For more information, visit http://www.taica.co.jp/english/.
SYS-CON Events announced today that TidalScale, a leading provider of systems and services, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. TidalScale has been involved in shaping the computing landscape. They've designed, developed and deployed some of the most important and successful systems and services in the history of the computing industry - internet, Ethernet, operating s...
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
SYS-CON Events announced today that IBM has been named “Diamond Sponsor” of SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California.
SYS-CON Events announced today that TidalScale will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. TidalScale is the leading provider of Software-Defined Servers that bring flexibility to modern data centers by right-sizing servers on the fly to fit any data set or workload. TidalScale’s award-winning inverse hypervisor technology combines multiple commodity servers (including their ass...
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
As popularity of the smart home is growing and continues to go mainstream, technological factors play a greater role. The IoT protocol houses the interoperability battery consumption, security, and configuration of a smart home device, and it can be difficult for companies to choose the right kind for their product. For both DIY and professionally installed smart homes, developers need to consider each of these elements for their product to be successful in the market and current smart homes.
Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. They are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organizations to control and secure their networks from the core-enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements.
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Most technology leaders, contemporary and from the hardware era, are reshaping their businesses to do software. They hope to capture value from emerging technologies such as IoT, SDN, and AI. Ultimately, irrespective of the vertical, it is about deriving value from independent software applications participating in an ecosystem as one comprehensive solution. In his session at @ThingsExpo, Kausik Sridhar, founder and CTO of Pulzze Systems, will discuss how given the magnitude of today's applicati...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
Digital transformation is changing the face of business. The IDC predicts that enterprises will commit to a massive new scale of digital transformation, to stake out leadership positions in the "digital transformation economy." Accordingly, attendees at the upcoming Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA, Oct 31-Nov 2, will find fresh new content in a new track called Enterprise Cloud & Digital Transformation.
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp emp...
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It’s clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Tha...
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere delivers a more modern architectural approach to storage that doesn't require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbui...