SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Interview: Barracuda decision-makers discuss public cloud security
Thu, 19th Mar 2020
FYI, this story is more than a year old

As organisations around the world make their move towards public cloud infrastructure, as in almost any emerging technology, there are security risks to consider.

Last month, the cloud security company Barracuda released a report outlining the security barriers organisations must overcome to adopt the public cloud, as studies reveal that security was the top concern for organisations considering making a move to the public cloud.

TechDay spoke to Barracuda's cloud security solutions architect Gemma Allen, and regional vice president of public cloud Chris Hill to get the latest on public cloud security.

What are the primary security threats to public cloud infrastructure? Gemma:

You're talking about a known published list of resources that anyone can get to because it's public.

I call it shooting fish in a barrel, and if you're in the public cloud, you may be putting yourself in that battle. Because there's a list of your IPs that you're using out in the public.

So technically it's available for people to find, scan and investigate.


The main thing is that all the threats you see on-premise are prevalent in the cloud as well.

So it's not that you necessarily see a whole bunch of new threats. It's just what stage you've left yourself open for as you're on the journey.

What are the benefits of a third-party security solution like Barracuda?  Chris:

We've become a clear leader in in the firewall space, for example, and we've learned a lot along the way.

Microsoft and AWS, which we have strong ties with, offer firewall services, for example.

So you could argue, why does a company like that want to use a third party? But Microsoft doesn't necessarily say ‘we're an out-and-out security company' -  they partner with the strongest partners out there.

And we're very open and transparent with partners like Microsoft and with end-users.

We specialise in this field, we give our clients very comprehensive security solutions.

Software defined wide area network (SD-WAN) is the technology of choice for organisations keen to achieve securely integrated network for their cloud deployments, and is in use by half of those with public cloud security. What are the benefits of an SD-WAN solution? Gemma:

Big organisations can afford and need the dedicated high-performance connectivity of things like Express Route and direct connect.

But SD-WAN is really going to enhance things for the smaller organizations that don't really want that.

The want encrypted connectivity, and quality of service controls. This is where SD-WAN can really start to bundle with the cloud.


SD-WAN is not new. We've been making it for over 10 years.

There are dedicated routes to the cloud, but you know, the internet is king when it means to get there.

If a customer is used to monitoring all their traffic, managing it, splitting it into lanes, encrypting it, protecting it, what happened in the early stages of the cloud was as soon as they open the perimeter and attach it to the cloud, they lost all of that functionality until they got there.

And the technologies we use allow them to keep all of that and see that across the links in a secure way.

Do you see any heightened security concerns with the COVID-19 outbreak? Gemma:

Organisations have had to respond very rapidly to coronavirus and the various kinds of shutdowns and social distancing being practised.

Now, that probably means that organisations have to find alternative ways for remote workers to get into tools they were previously using.

It's absolutely tempting to use the cloud. And it's even more tempting to rush quickly and get these things out there.

People need to be wary of rushing so fast that you open the door to having security issues with logging in to an intranet over a less secure connection.

38% of security teams in the APAC region spend a day or more managing and preventing security breaches in the public cloud. This is considerably higher than the global average of 29%. Why is this? Gemma:

APAC regions are kind of somewhat behind on some of the connectivity options and some of the SD-WAN connections.

There may be a skills lag also because it's only in the past year or so that we've seen have a big push in APAC region data centers.

And then you'll have the new world adopters who are still developing their skills, who maybe aren't as aware of the best practices and operational aspects of the cloud.

And so, for the new guys, things do take more time.

Any final things to add? Chris:

In unprecedented times like this, if [cyber attackers] are going to take advantage of people's fear during this crisis, then people need that trusted partner.

We have no idea just like anyone else, what's going to happen to the business in the next foreseeable months.

But as a company, we are absolutely staying put.

To learn more about Barracuda's security solutions, visit their website.