Guest blog by Ian Humphreys
Increasing numbers of UK firms are looking to harness the power of Infrastructure-as-a-Service (IaaS) cloud providers and integrators to improve agility, cut hardware expenditure and take advantage of improved scalability. The same is happening all over the world. In fact, an IDC survey of over 6,000 IT organisations last year revealed that nearly two-thirds are already using or planning to use public cloud IaaS by the end of 2016. Security has always been a major barrier to such adoption plans, with many organisations unaware of just how much responsibility for this they must take in an IaaS set-up.
That’s why Trend Micro last week announced a major new partnership with BT which will see our flagship Deep Security platform offered to all BT Cloud Compute customers. It will help organisations meet their share cloud responsibilities with one of the most comprehensive security solutions around.
Pros and cons
The benefits of cloud IaaS are undeniable. It’s being seen in an increasing range of use cases including website hosting; proof-of-concept testing; adding extra capacity at peak times; batch computing and much more. But there are risks. Cybercriminals are becoming increasingly adept at exploiting any gaps organisations might leave in their cloud infrastructure to go after sensitive customer data and IP. The shared resources of a multi-tenant environment may raise fears of inter-VM attacks, for example. And unpatched systems continue to represent a major risk.
Yet many struggle because they’re running IaaS in a hybrid cloud environment, but aren’t able to consolidate their security across physical, virtual and cloud. This can create management headaches for IT and even lead to further security gaps for the black hats to exploit. Performance issues may also occur if their security hasn’t been designed with cloud infrastructure in mind.
Protecting the ecosystem
Cloud IaaS may be owned built and managed by the provider, but as a rough rule of thumb everything above the hypervisor is the responsibility of the customer. Fortunately for BT Cloud Compute customers, our award-winning Deep Security platform is now available to secure their cloud workloads.
Deep Security is one of the most comprehensive cloud security products on the market, including:
Anti-malware: protects cloud servers
Web reputation: blocks access to malicious URLs
Intrusion prevention: vulnerability shielding protects servers and apps from any known and zero-day threats
Stateful firewall: decreases attack surface by ensuring only pre-approved ports, protocols and IP addresses access VMs
File and system integrity monitoring: Helps spot covert targeted attacks by detecting suspicious changes to files, directories, registry keys etc.
Log inspection: collects OS and app logs to detect suspicious behaviour and support compliance efforts
What’s more, Deep Security runs across physical, virtual and cloud servers, minimising operational costs and ensuring all policies are centrally managed. It’s also been designed in close co-operation with some of the world’s biggest cloud providers for tight integration and high performance.
The major DDoS outage at DNS firm Dyn last year reminded us of the potential disruption to the cloud ‘ecosystem’ that can occur when a provider high up the stack is compromised. This new partnership will therefore benefit BT’s direct customers, helping them to drive digital transformation and profits while staying secure. But it will also have the knock-on effect of ensuring maximum uptime and security for any customers of theirs accessing their services via the cloud: a win-win all round.