fbpx
Open post

Cloud security going into 2018

The cloud is becoming more and more preferred as times goes by. Data and applications are streaming to it at a faster rate every hour, and more people are deciding to turn to cloud services on a daily. There is no question as to why this is happening, the cloud services are extremely convenient and offer functionality that you cant find anywhere else! In saying that, this also means cloud services are under a watchful eye by everyone, even the nefarious types.

Threats to the cloud

Generally when we have something good, people like to mess it up. The cloud is no different, there are people who have already interfered with the cloud and it’s services to steal data for very selfish and rather rude reasons. 2018 will be no exception to this, for there are quit a few issues with the newly born service that can easily be manipulated. Despite popular belief, cloud services and their security are not in the hands of the service provider, rather the customer. Knowing that, we should evaluate the potential risks with cloud technology and understand the vulnerabilities of the information stored on the cloud.

  • Data breaches– This can occur in multiple ways, ranging from intent to steal information on the cloud, human error, vulnerabilities in applications relating to the cloud, or just poor security understanding and practices.
  • Insufficient identity, credentials, and access management– Persons with ill intent may gain access to cloud stored information and cause all sorts of trouble due to a lack of credential security, which would enable unauthorized access to your data.
  • Insecure interfaces and application programming interfaces– Cloud technology providers expose UI’s and API’s that customers may use to manage their cloud experience. This is both great and bad, for this means the protection you could have is in your hands, and were you to become accessed by some unwanted party, they now have full access to your cloud security, and the providers of that cloud will have little to no feasible way to rescue you. There is a lacking of accidental and malicious attempts of policy circumventing.
  • System vulnerabilities– This is the big contender that has gained spotlight this last year for cloud tech. These are exploitable bugs in the program that allow malicious actions to gain access to a system and steal data, taking control of the system, or disrupting service operations.  Vulnerabilities within the components of the operating system put security of all the services and data at significant risk. Because the cloud has systems from various organizations placed close to each other, if the cloud is breached, that means those other systems are now vulnerable as well.

The cloud is a fantastic service that will no doubt lead to other great systems and functionality in the world, however right now while it is still young, it has quit a few quirks to work out before it can be considered a fully safe and developed system. Now that doesn’t mean don’t use the cloud, it means be mindful of what you put on there, and the risks that are present in the technology your using.

Open post

2018 predictions: Healthcare security breach

As we all have become aware, 2017 was a free for all when it comes to security breaches.  There were countless phishing scams, ransomware, state-sponsored attacks and new forms of attacks that all made headlines and shook us to our boots. However 2018 means a new year and a new us! Right? Well we hope so, but thus far the the outlook isn’t in our favor.

Recently a VP at Tripwire gave his predictions for 2018 and our security in the online world. The prediction does not bring bright bearings, in fact it seems 2018 may be quit ill.

The Tripwire VP predicts that healthcare security will be breached, due to the ever growing vulnerability in medical devices and electronic healthcare records. 2018 is expected to have hospitals, insurers and healthcare manufacturers in the sights of hackers  and cybercriminals.

It is expected that the healthcare industry is not prepared for the kinds of attacks that may come, with things like the WannaCry incident and the UK NHS.  Not all ransomware is noisy and boisterous which is where the real danger may lie for the healthcare industry.

In relation to the healthcare being a target for 2018, there is also a lot of talk about the cloud, and it’s  potential security abuse over the horizon in 2018. It should come to no surprise that since cloud technology is still pretty new, that defending the cloud is still a process in the works. We should not be taken by surprise when there is another cloud data management leak, and should be cautious until they have developed a stronger, more prominent protection for cloud storage. There is talk of security becoming up to date near the end of 2018 for this form of technology, but until then we may see leaks of credentials and misconfigurations, as well as other exploited vulnerabilities.

Let’s all learn from the mistakes of not only ourselves, but each others, and make 2018 predictions like this nothing but a false alarm! If you need help with your online presence, give us at Re2tech a call and lets discuss your security options and optimizations! 

Open post

Google acquires cloud identity company Bitium

Google cloud has recently acquired the company known as “Bitium”, a company which gives a focus on enterprise grade identity management and access tools.

These tools can be used for single-sign on, for applications based on the cloud. This newly acquired company will help Google better manage enterprise cloud customer implementation across and organization. This will include several functionality aspects such as security levels and access policies across applications and devices.

The main purpose of Bitium is offering single-stop solution for the management of Google apps, Office 365, social networks, CRM, and collaboration and marketing tools, along with this, the ensurance of security standards.

Google is planning to continue what Bitium was working on, however in its own way, and extend to additional application partners. Plans are in the process to keep it as an open platform for third-party identity management providers that integrate with enterprise customers on the one side, and Google Cloud and G Suite on the other.

This could spell some new options for businesses and their integration with cloud technology and identity management!

Give us a call today and ask us about any networking or technology questions you may have for your home or business! Don’t forget to ask us how we can improve upon your current foundation! 

Scroll to top