• Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
  • Events
  • Whitepapers
  • Spotlights
  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
  • Newsletters
  • Sign in
  •  
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
     
    • You are currently accessing Computing via your Enterprise account.

      If you already have an account please use the link below to sign in.

      If you have any problems with your access or would like to request an individual access account please contact our customer service team.

      Phone: +44 (0) 1858 438800

      Email: customerservices@incisivemedia.com

      • Sign in
     
  • Follow us
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • Events
    • Upcoming events
      event logo
      Deskflix Financial Services

      oin us for this episode of Deskflix to hear from industry experts and peers on their 2020 best practices, what they’ve learnt for 2021 and how they plan to overcome the next wave of disruption.

      • Date: 03 Mar 2021
      event logo
      Good listeners: Why conversational interfaces are now a must-have

      This webinar, featuring dedicated research, will explore how conversational interfaces can add value to your digital initiatives today. We discuss the benefits of putting the AI to work and the value of the conversational channel itself.

      • Date: 17 Mar 2021
      • Virtual Event,
      event logo
      Deskflix IT Leader's Summit

      Six months on from our inaugural IT Leaders’ Festival, Deskflix IT Leaders’ Summit is a chance to take stock and reflect on the first quarter of 2021. How did you overcome the obstacles of 2020? Was progression as expected? What were your biggest threats and biggest growth opportunities?

      • Date: 24 Mar 2021
      event logo
      Architect for the unknown: Is your database built for a crisis?

      This webinar, in which we’ll reveal Computing’s latest research in this area, reflects on how prepared our respondents’ data architecture was going into the pandemic and the role databases have to play in the ability to react and pivot in a crisis.

      • Date: 25 Mar 2021
      View all events
  • Whitepapers
    • LATEST WHITEPAPERS
      Darktrace 120x194
      Cyber AI Response: Threat Report 2019

      This white paper details 7 case studies of attacks that were intercepted and neutralised by Darktrace cyber defense AI, including a zero-day trojan in a manufacturing company's network. Learn how Darktrace Antigena AI Response modules fight back autonomously, no matter where a threat may emerge, extending to the Cloud, Email and SaaS.

      Download
      Darktrace 120x194
      Cyber AI & Darktrace Cloud

      This white paper explores how cloud is a security blind spot for many organisations who struggle with the limited visibility and control in this new environment, where their existing security tools are often not applicable.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Spotlights
    • Spotlights

      Welcome to Computing's Spotlight section, where we focus in on particularly important themes and topics of enterprise IT.

      Intel logo

       

      Endpoint Management and Security Hub

  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
Computing
Computing
  • Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
 
  • You are currently accessing Computing via your Enterprise account.

    If you already have an account please use the link below to sign in.

    If you have any problems with your access or would like to request an individual access account please contact our customer service team.

    Phone: +44 (0) 1858 438800

    Email: customerservices@incisivemedia.com

    • Sign in
 
 

Sponsor content:

What's this?

This content has been provided by our sponsors and is a paid advertisement.
  • Security Technology

Trusting the cloud: The dangers of unencrypted data upload

Moving to the cloud doesn't mean outsourcing your entire security infrastructure, argues Max Heinemeyer of Darktrace

Visibility of your infrastructure is critical, and the same applies on moving to the cloud
Visibility of your infrastructure is critical, and the same applies on moving to the cloud
  • Max Heinemeyer
  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
0 Comments

alt=''

More than nine in 10 organisations are expected to adopt the hybrid cloud by 2020. While this transition is undeniably beneficial for most businesses - from start-ups to existing multi-national firms - it also brings with it its own risks.

Alongside the growth in cloud adoption, the challenge of securing critical data has taken on a new dimension. As internal servers are so commonly affected by malware infections or insider threats, there exists a common misconception that the data stored within the cloud is somehow more secure than the data resting on company fileservers. However, this is not necessarily the case - the information stored on cloud infrastructure may be just as (un)safe as any other corporate data store.

Much of this risk comes from the misconception of the network position of cloud servers themselves. Although rented out for use by the company and used every day as part of fundamental business purposes, connections to cloud servers (if not facilitated by a VPN or other strong encrypted channels) cross the perimeter of the network and traverse the public internet. This means that data uploaded to and from the cloud is a prime target for man-in-the-middle attacks, carried out by opportunistic actors hoping to sniff usernames, passwords, and other sensitive details that they could then leverage for direct corporate data theft.

The reality is that while organisations can outsource their IT services, they cannot outsource their security function altogether. In fact, protecting the cloud comes with its own challenges, with most of the existing native security controls and third-party security solutions suffering from significant limitations.

Visibility is crucial - before and during investment

A City Government in the USA had outsourced the storage of SQL databases to a cloud storage provider. However, it had not interrogated the protocols that the server employed by default to upload and download information. Addresses, phone numbers, vehicle registration plate numbers: the city government was uploading it all to the external database via unencrypted connections.

This highly sensitive data was intended for limited access by select employees within the city government, but the security oversight had made the data available to any attacker clued-up enough to park themselves on the perimeter of the network and collect the data-rich MySQL packets that came their way.

Darktrace Cloud detected an unusual SQL connection to a rare external IP from a desktop device within the company. This communication was verified as being SQL-related via packet capture, which then revealed the sensitive public data.

The customer was unaware of this vulnerability, which remained under the radar of its entire security stack. An attacker could easily exploit it to gather material for spear phishing attacks or potentially even identity fraud.

In order to lower risk and identify atypical or suspicious behavior, full visibility of all cloud services is critical, as hosting data on external servers can create dangerous blind spots and introduce subtle threats that circumvent traditional signature-based tools.

  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
  • Topics
  • Security Technology
  • Darktrace
  • encryption
  • Visibility
  • Cloud and Infrastructure

More from sponsor

With cloud costs accelerating, visibility and automation are essential to retaining control
With cloud costs accelerating, visibility and automation are essential to retaining control

Containing the cost of cloud services

  • Cloud and Infrastructure
  • 18 April 2018
To move forward with cybersecurity we must 'battle our own complexity' says Darktrace founder
To move forward with cybersecurity we must 'battle our own complexity' says Darktrace founder

'There's an awful lot of hype out there'

  • Threats and Risks
  • 23 November 2017
Darktrace: You can't stop compromise, in fact you're probably compromised right now
Darktrace: You can't stop compromise, in fact you're probably compromised right now

Security firm outlines why traditional security techniques no longer work, with both networks and hacking techniques evolving so rapdily that security teams can't keep up

  • Security Technology
  • 04 May 2017
Only 27 per cent of firms have 'visibility, understanding and control' of their collaboration environments
Only 27 per cent of firms have 'visibility, understanding and control' of their collaboration environments

UC&C control slipping out of IT's hands?

  • Communications
  • 08 September 2016
blog comments powered by Disqus
Back to Top
  • Contact
  • Delta
  • Marketing solutions
  • Enterprise IT Events
  • Incisive Media
  • Terms & conditions
  • Policies
  • Careers
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • YouTube

im_logo

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017
Loading