1 in 5 data breaches are caused by misconfigured clouds, says survey

To accommodate remote work and improve efficiency, 85% of IT organisations are considering or already using the public cloud.

However, with some of their most crucial data still located within the corporate perimeter, NetOps must come up with new ways to achieve seamless integration. While the transition to the cloud itself is tricky, protecting the assets inside it is a different problem.

A study by Ponemon and IBM indicates that misconfigured cloud servers are responsible for 19% of data breaches and increased their average cost by half a million dollars. Despite relying on multi-cloud infrastructure, 52% of the organisations find it challenging to secure data stored in the public cloud. 

Companies accept these shortcomings, as cloud computing increases effectiveness and visibility over complex networks. Particularly when most employees are working remotely and accessing resources from dispersed locations. Cloud computing also takes the workload from on-premise networks which often have limited capabilities to support mobile workforces.

“Disperse edge computing is an opportunity for small and medium IT companies because robust corporate infrastructure is no longer needed for effective and secure collaboration. Enterprises also reduce additional costs by following Bring-Your-Own-Device (BYOD) policies, but that requires thorough risk mitigation strategy based on authentication,” says Juta Gurinaviciute, the chief technology officer at NordVPN Teams

Software and IT companies secure their remote workers’ end-point devices, cloud apps, servers, and on-premise data centres by implementing Zero Trust frameworks. 

Instead of focusing on user-to-network connectivity, it secures user-to-application gateways. A software developer doesn’t need to enter the network to access cloud resources from their home office, allowing admins to limit the actions each employee can perform within the system. 

IP whitelisting limits access and increases visibility

IP whitelisting (also known as allow list) is another step to reduce potential cyberattack surface area. It is an approved list of trusted IP addresses that can enter the network or reach resources within it. Usually, administrators assign static and dedicated IP addresses to all employee devices to control access to high-risk software development environments. 

“The Software and IT industry is particularly vulnerable to cyberthreats, as most of their operations are digital. Applications that are still in development rarely have proper security measures. Malicious users can access wider networks through them, compromising data, stealing assets and affecting operations,” says a NordVPN Teams expert.

Organisations can minimise the surface area by whitelisting particular IPs, but manually setting this up can outprice the benefits for smaller companies. They can stay resilient by implementing easily scalable third-party solutions which come with a centralised control panel. Admins can add new devices with ease, providing access to contractors or freelancers working with particular projects.

Another important consideration is the compatibility of cloud infrastructure and IP whitelisting tools. As 89% of organisations are planning to move their security operations to the cloud, they are looking for coherent and compliant cybersecurity tools.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow


9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

Laserfiche announces launch of cloud document management and process automation solution

Posted on: September 23, 2021

Laserfiche announced the availability of Laserfiche Cloud in the Europe, Middle East and Africa (EMEA) region. The SaaS provider of intelligent content management and business process automation’s cloud offering delivers an innovative and trusted system for securely managing content and automating business processes across the enterprise.

Read more

Global industry accelerating IoT adoption in response to Covid-19, new Inmarsat research reveals

Posted on: September 22, 2021

New research by Inmarsat, the provider of global mobile satellite communications, reveals a rapid increase in the maturity level of organisations adopting the industrial Internet of Things (IoT) since the start of the Covid-19 pandemic. Respondents drawn from multiple industries also reported that Covid-19 has demonstrated the importance of IoT to their businesses, with many accelerating

Read more