Interview: Barracuda decision-makers discuss public cloud security
As organisations around the world make their move towards public cloud infrastructure, as in almost any emerging technology, there are security risks to consider.
Last month, the cloud security company Barracuda released a report outlining the security barriers organisations must overcome to adopt the public cloud, as studies reveal that security was the top concern for organisations considering making a move to the public cloud.
Techday spoke to Barracuda's cloud security solutions architect Gemma Allen, and regional vice president of public cloud Chris Hill to get the latest on public cloud security.
You’re talking about a known published list of resources that anyone can get to because it’s public.
I call it shooting fish in a barrel, and if you’re in the public cloud, you may be putting yourself in that battle. Because there’s a list of your IPs that you’re using out in the public.
So technically it’s available for people to find, scan and investigate.Chris:
The main thing is that all the threats you see on-premise are prevalent in the cloud as well.
So it's not that you necessarily see a whole bunch of new threats. It's just what stage you've left yourself open for as you're on the journey.
We've become a clear leader in in the firewall space, for example, and we've learned a lot along the way.
Microsoft and AWS, which we have strong ties with, offer firewall services, for example.
So you could argue, why does a company like that want to use a third party? But Microsoft doesn't necessarily say ‘we're an out-and-out security company’ - they partner with the strongest partners out there.
And we're very open and transparent with partners like Microsoft and with end-users.
We specialise in this field, we give our clients very comprehensive security solutions.
Big organisations can afford and need the dedicated high-performance connectivity of things like Express Route and direct connect.
But SD-WAN is really going to enhance things for the smaller organizations that don’t really want that.
The want encrypted connectivity, and quality of service controls. This is where SD-WAN can really start to bundle with the cloud.Chris:
SD-WAN is not new. We've been making it for over 10 years.
There are dedicated routes to the cloud, but you know, the internet is king when it means to get there.
If a customer is used to monitoring all their traffic, managing it, splitting it into lanes, encrypting it, protecting it, what happened in the early stages of the cloud was as soon as they open the perimeter and attach it to the cloud, they lost all of that functionality until they got there.
And the technologies we use allow them to keep all of that and see that across the links in a secure way.
Organisations have had to respond very rapidly to coronavirus and the various kinds of shutdowns and social distancing being practised.
Now, that probably means that organisations have to find alternative ways for remote workers to get into tools they were previously using.
It's absolutely tempting to use the cloud. And it's even more tempting to rush quickly and get these things out there.
People need to be wary of rushing so fast that you open the door to having security issues with logging in to an intranet over a less secure connection.
APAC regions are kind of somewhat behind on some of the connectivity options and some of the SD-WAN connections.
There may be a skills lag also because it's only in the past year or so that we’ve seen have a big push in APAC region data centres.
And then you'll have the new world adopters who are still developing their skills, who maybe aren't as aware of the best practices and operational aspects of the cloud.
And so, for the new guys, things do take more time.
In unprecedented times like this, if [cyber attackers] are going to take advantage of people’s fear during this crisis, then people need that trusted partner.
We have no idea just like anyone else, what's going to happen to the business in the next foreseeable months.
But as a company, we are absolutely staying put.
To learn more about Barracuda's security solutions, visit their website.