It’s not enough for colocation and cloud services providers to serve as data warehouses or application development playgrounds for their customers. They must literally serve as fortresses to protect their customers’ IT assets from the constant, increasingly sophisticated barrage of attacks that are intended to steal information, disrupt services and otherwise wreak havoc.
The providers that prove to be the most successful in this endeavor are the ones that aren’t afraid to bring in reinforcements or tap into specialized expertise.
That’s the approach that Peak 10 takes. While its IT infrastructure undergoes through rigorous independent assessments to ensure it meets the most stringent security requirements of a wide array of regulatory bodies and legislative acts (HIPAA and PCI DSS among them), the company also partners with leading technology companies to further enhance the security of its services.
One of those partners is SilverSky, a leading security expert and a grand trophy winner in the 10th Annual 2014 Info Security’s Global Excellence Awards. SilverSky powers many of Peak 10’s managed security services, and collaborates with the company to help keep it at the forefront of IT security ─ and its customers too. What does that entail?
It starts with knowledge, and a recent blog post, SilverSky shared some important information.
Citing research published by the Online Trust Alliance (OTA) in its 2014 Data Protection and Breach Readiness Guide, SilverSky noted that an analysis of nearly 500 breaches in the first half of 2013 showed that 89 percent could have been avoided had simple controls and security best practices been implemented.
That’s why it’s important for organizations entrusting their IT assets to third-party providers to understand the major threats they face ─ even within the secure environments their vendors provide. They must also be knowledgeable of the security controls that their providers have in place and what they themselves can do to help ensure the integrity and security of their data and applications.
IT villains aren’t backing down, and are constantly seeking ways to exploit weaknesses. While their attacks can take many forms, SilverSky cited the following as some of the major threats that organizations and their vendor partners must be prepared for:
- Targeted attacks that are designed to strike a specific user, company or organization.
- Advanced persistent threats (APTs), which are incessant, targeted attacks by nation-states, hacktivists and cyber criminals.
- Phishing, which occurs when an attacker masquerades as a trustworthy entity and asks users to divulge sensitive information.
- Zero-day attacks that exploit previously unknown vulnerabilities in a computer application, which may not have been discovered, addressed or patched by developers.
What can companies do to prepare for them? Both Peak 10 and SilverSky agree that traditional signature-based approaches and simple content filtering should be supplemented with advanced tools and techniques to create a preventative approach. That means implementing processes such as sandboxing, in which security professionals execute untested code or untrusted programs from third parties without harming the host device or network.
Statistical analysis and machine learning can be employed to provide a comprehensive view of internal and external risks and identify unusual network traffic patterns and security breaches. Investing in 24/7/365 analysis can help ensure protection around the clock and position organizations to respond to potential issues as soon as they arise.
The key is to stay out in front of all possible threats, stop them to before they start and counteract them immediately if they do get through. Managed security services can provide the extra reinforcements needed to help make this happen.
Be wary of cloud and colocation service providers that think they can do it all on their own. And don’t think of managed security services as just an attempt by a vendor to make more money off its customers. These services allow you to leverage advanced technologies, expert intelligence and superior scale to more cost effectively protect valuable IT assets. With security threats constantly changing and becoming more and more advanced, you can never have too much protection.
Source information provided by SilverSky.