As more businesses begin to explore the benefits of moving on-premises data and applications to the cloud, they're having to rethink their traditional approaches to data security. Not only are cybercriminals developing more sophisticated attacks, but the number of employees and users who can access, edit, and share data has increased the risk of breaches. In fact, Gartner indicates* that 'through 2022, 95 percent of cloud security incidents failures will be the customer's fault. CIOs can combat this by implementing and enforcing policies on cloud ownership, responsibility and risk acceptance. They should also be sure to follow a life cycle approach to cloud governance and put in place central management and monitoring planes to cover the inherent complexity of multicloud use.'

Instead of relying on a patchwork of third-party security solutions that don't always speak to each other, potentially leaving systems vulnerable to attack, companies are now adopting a unified, end-to-end cloud security defense. This typically involves choosing a cloud provider that can integrate security controls right into existing corporate systems and processes. When these controls span the entire IT infrastructure, they make it easier to protect data and maintain user trust by offering increased compatibility, better performance, and more flexibility.

Protection that's always compatible

A holistic, cloud-supported threat warning and detection system can be designed to work seamlessly across every asset of an IT environment. For instance, built-in security management solutions can give IT teams the ability to constantly monitor the entire system from a centralized location, rather than manually evaluating different machines. This allows them to sense threats early, provide identity monitoring, and more-all without any compatibility issues.

Container shipping company Mediterranean Shipping Company (MSC) has gone this route. As in many businesses, MSC's IT environment is spread across a variety of locations, networks, and technologies, such as container ships, trucking networks, and offices. Its previous security strategy employed a mixture of third-party solutions that often ran into compatibility issues between different components, giving attackers a large surface area to probe. This made MSC vulnerable to threats such as fileless attacks, phishing, and ransomware. However, after transitioning to a unified cloud security solution, it has been able to guard against attacks using protection that integrates effortlessly into its existing environment.

Reliable performance, more efficiently

The more complex an IT environment gets, the more time employees spend testing, maintaining, and repairing third-party security solutions. A unified cloud security approach improves performance by not only providing a consistent, layered defense strategy, but by also automating it across the entire IT infrastructure. At MSC, software and security updates are now done automatically and deployed without delay across the cloud. Information about possible threats and breaches can quickly be shared across devices and identities, speeding up response and recovery times so that employees can focus on other issues.

Security with flexibility to grow

Scalability is another factor driving adoption. A cloud environment can easily scale to accommodate spikes in traffic, additional users, or data-intensive applications. A patchwork of third-party security solutions tends not to be so nimble. At MSC, security controls are integrated into multiple levels of the existing IT infrastructure-from the operating system to the application layer-and can be dynamically sized to meet new business needs. For example, continuous compliance controls can be established to monitor regulatory activities and detect vulnerabilities as they grow.

A unified security approach: becoming the standard

The best security solutions perform quietly in the background, protecting users without them noticing. Unified cloud security does this while also reducing the resources required to keep things running smoothly. 'Once you have true defense in depth, there's less chance of having to single out a user and impact their productivity because you have to reimage an infected machine,' said Aaron Shvarts, chief security officer at MSC Technology North America.

After moving its workloads to Azure and upgrading its previous third-party security solutions to the native protection of Windows Defender, MSC now has a defense strategy that suits the complexity of its business. Learn more about Azure security solutions and how Microsoft can help you implement unified security across your cloud.

To stay up to date on the latest news about Microsoft's work in the cloud, bookmark this blog and follow us on Twitter, Facebook, and LinkedIn.

*Gartner, Smarter with Gartner, Is the Cloud Secure?, 27 March 2018, https://www.gartner.com/smarterwithgartner/is-the-cloud-secure/

Attachments

  • Original document
  • Permalink

Disclaimer

Microsoft Corporation published this content on 11 September 2018 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 11 September 2018 16:31:01 UTC