SYS-CON MEDIA Authors: Yeshim Deniz, Elizabeth White, Sean Houghton, Glenn Rossman, Ignacio M. Llorente

Related Topics: Cloud Expo, Java, SOA & WOA, Linux, Open Source, Security

Cloud Expo: Article

Five Questions Every CEO Should Ask Their CIO / CISO

On the One-Year Anniversary of Snowden's Disclosure, Lessons for Preventing Insider Threat

Today is the one-year anniversary of the historic Snowden disclosure.  In the year since the first stories about Edward Snowden appeared, one of the lasting affects of the scandal is a heightened awareness of the risk posed by rogue insiders. This increased focus on rogue insiders has spread beyond the government to the private sector, and from security circles to corporate executives.

From product designs, formulas, and customer information, all companies have data that could harm their business in the hands of a competitor, making insider threats like Snowden an executive-level concern due to the potential negative impact on the company's business operations and value. And with the ubiquity of cloud services, insiders are increasing exploiting the cloud to exfiltrate data.

We've distilled lessons learned from Snowden scandal and created 5 questions every CEO should be asking their CIO / CISO in order to avoid a catastrophic rogue insider event in the private sector both in using cloud as a vector of exfiltration as well as protecting their data stored in the cloud.

1. Can we identify unusual user or network activity to cloud services?

Many companies already archive log data from firewalls and proxies and use basic search capabilities to look for specific behavior. Unfortunately, basic search capabilities are ineffective at analyzing petabytes of data to proactively identify different forms of anomalous behavior. Today, there are machine learning techniques algorithms that establish baseline behavior for every user and every cloud service and immediately identify any anomalous activity indicative of security breach or insider threat.

2. Can we track who accesses what cloud-hosted data and when?

Snowden was able to steal roughly 1.7 million files and to this day the NSA doesn't know exactly what he took. With the rapid adoption of cloud services, companies need to make sure that their cloud services provide the basic logging of all access to cloud services, including those by admins and via application APIs. Furthermore, companies need to make sure that cloud services provide historical log data of all accesses in order to support forensic investigations when an event does occur.

3. How are we protecting against insider attacks at the cloud service providers?

Encrypting data using enterprise-managed keys will enable employees to access information while stopping unauthorized third parties from reading the same data. Experts recommend encrypting sensitive information stored on premises and also in the cloud. By encrypting data in this manner, companies add an additional layer of protection over and above authentication and authorization that protects against insider attacks at the cloud service provider end.

4. How do we know unprotected sensitive data is not leaving the corporate network?

Many companies enforce data loss prevention policies for outbound traffic.  With the increasing use of cloud services (the average company uses 759 cloud services), companies should also extend their access control and DLP policy enforcement to data stored in the cloud. And as they do so, they should make sure that they are not reinventing the wheel and rather leverage their existing infrastructure. Companies should consider augmenting on-premise DLP systems and their existing processes to extend DLP to the cloud, with reconnaissance services that look for sensitive data in cloud services in use by the enterprise.

5. Can we reduce surface area of attack by limiting access based on device and geography?

The ability to access sensitive information should be dependent on context. For example, a salesperson in Indianapolis viewing customer contacts stored in Salesforce for customers in her territory using a secure device is appropriate access. Using an unsecure or unapproved device from another location may not be appropriate and could expose the company to risk. Limiting access to appropriate devices and appropriate locations will help prevent exposure.

More Stories By Rajiv Gupta

Rajiv Gupta is Founder and CEO of Skyhigh Networks. He has more than 20 years of successful enterprise software and security experience, and is widely recognized as a pioneer of Web Services and Client-Utility Computing, which was the precursor to cloud services as we know it today. With over 45 patents to his name, Rajiv has led two other companies to successful acquisitions by Cisco (Securent, Inc) and Oracle (Confluent Software). Previously, Rajiv spent 11 years at HP as GM of the E-speak Division – a division he started in 1998 to bring the Client-Utility Computing technology to market. Under his leadership, E-speak delivered some of the earliest Web Services technologies and standards and has been inducted into the Smithsonian National Archives. @TrustedMind

Latest Stories
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
There's Big Data, then there's really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. In her session at Big Data Expo®, Hannah Smalltree, Director at Treasure Data, discussed how IoT, Big D...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
SYS-CON Media announced today that Skytap blog on "DevOps Journal" exceeded 84,000 story reads. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Noel Wurst is the managing content editor at Skytap. Skytap provides SaaS-based dev/test environments to the enterprise. Skytap solution removes the inefficiencies and constraints that comp...
SYS-CON Events announced today Isomorphic Software, the global leader in high-end, web-based business applications, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software ...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...