In the spirit of National Cybersecurity Awareness Month, we’re running a three-part series on how to shore up identity security and help prevent a data breach caused by a cyberattack. In our second post below, we’ll examine why cloud-based SaaS platforms tend to be more secure than on-prem resources. Stay tuned for guidelines on controlling broad permissions, or learn more about how credential theft really works and how to combat it.
Cloud-based apps and services are more than just convenient. Compared to on-prem resources, they can offer increased security, too. Even though conventional wisdom tells us that moving away from a traditional, hard-wired office domain means giving up a degree of control and security, the process of moving workloads to the cloud can be managed with care in such a way that the risk of a data breach due to a cyberattack is actually reduced.
Why Cloud Resources are More Secure
Cloud services’ comparatively low level of vulnerability can be attributed to two main factors. The first is that in a cloud-based Software-as-a-Service (SaaS) model, the onus to keep up with security updates and patches falls on the provider. One major SaaS selling point is that IT administrators no longer need to purchase, configure, and update on-prem hardware. With security built into the contract, a SaaS company must make constant investments in security and keep up with threats.
Cloud services also help to mitigate cyberattacks because, by nature, they create separate access points for different resources. An attack on your office infrastructure no longer leads to a one-stop treasure trove in your server room. And although your collection of third-party web apps may be configured to talk to each other, they’re still running on separate systems. Traversal from one to another would require crossing an extra access barrier rather than just following a local pathway inside a server room.
In this way, cloud-based services help to contain a successful cyberattack to a smaller surface area. They fit well into a zero-trust security approach, in which every IT resource is regarded as a potential attack vector. By forcing repeated (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Mike Ranellone. Read the original post at: https://jumpcloud.com/blog/best-practices/cybersecurity-cloud-services/