4 Signs of Cloud Security Hacks--and How Safe Networks Respond

Hackers are waiting to pounce when companies bring their internet and phone infrastructure to the cloud. Cloud security is a daunting concern for small- and medium-sized businesses (SMBs) and their in-house security resources, which are already stretched. SMBs are especially vulnerable to hacks that compromise the confidentiality, accuracy and availability of their information assets.

One notable 2016 threat investigation report found companies with 1,000 or fewer employees suffered more incidents of confirmed data loss than their big-business counterparts. More than half these incidents were in the retail and hospitality industries, which attract hackers with a tempting array of credit card and other account data.

Yet a breach in cloud computing security can threaten not just financial data but also the tech infrastructure itself. Once hackers gain entry to cloud storage, they can hold data for ransom or repurpose network assets to launch more attacks.

2016-08-02-1470155285-6487183-160801COHPcloudbasedimage.jpg

There are plenty of reasons for SMBs to use the cloud--mobile cloud apps make it practically essential. But there are cloud solutions that won't compromise a business network, such as encrypted cloud storage that can make a network more secure.

The complexity of data security solutions can challenge onsite technology teams. But well-managed network security services will detect and track a wide range of threats. For example, Call One's team works with customers to develop customized cloud security strategies, taking into account operational needs, budgets and more. Our experts offer solutions including identity management, protection from threats and monitoring and auditing.

Additionally, with employees using greater amounts of data to watch videos, listen to audio and more using cloud services, maximizing bandwidth in a cost-effective and secure way has become critical. Bandwidth is a growing concern in relation to data security. Unsecured systems can lead to hackers and others stealing bandwidth, which slows systems down and puts data at risk.

In response to these issues, we are one of a short list of providers nationally that have introduced a scalable solution to securely increase bandwidth using existing infrastructure instead of requiring a costly, full bandwidth upgrade. At Call One, we call this product SmartWAN.

SmartWAN is just one example of our cloud-based security initiatives. We design systems to protect organizations, keep employees productive and prevent the many scenarios that compromise SMBs' networks. Some telltale indicators of compromise--and what to do about them--include:

Weak seams in the patchwork. Attackers exploit gaps in a company's maze of firewalls, VPN gateways, web filters and other devices. An investigation by F-Secure this year found common, known software vulnerabilities were exploited in thousands of high-severity security events. Yet many organizations ignore critical updates or use software that is no longer supported. Enterprise systems are prone to short-term fixes that fail to perform at scale.

Well-managed desktop security services update software frequently for known vulnerabilities. Their networks restrict read access and install resilient security systems that flag spikes in application record access and file or database reads--potential probes by a hacker looking to see what's worth stealing.

Outbound network traffic. Unusual outbound traffic can signal a theft in progress. Well-policed wireless internet and VoIP networks send out alerts whenever they find a high volume of compressed file transmissions, database requests or SSH transfers--clues that hackers or insiders could be smuggling data across the firewall. Administrators can watch the activity and block certain file types.

Well-managed network security services look beyond the volume of traffic. They map the diversity of user devices and applications to search for strange behavior. Traffic to an external DNS server instead of the corporate DNS, or many users connecting to one external device's user-agent string, indicate hackers at work.

Suspect administrator activity. Senior security executives in the 2016 Vormetric Data Threat Report see privileged users and their extended network access as the biggest threat to sensitive data. National-security leaker Edward Snowden serves as a reminder of the threat posed by internal hackers.

Yet super-users more often do unintended damage as phishing victims: In some organizations, cyber con artists are constantly trying to steal or hack their skeleton-key credentials. For retail and hospitality networks, the weakest link is vendor access to payment systems. One fast-rising concern is C-suite hacks. Top executives have the power to flout security policies and to move money.

Unexpected access. Four out of five data breaches in the threat investigation report we mentioned earlier come from outside the network. State-of-the-art networks track IP addresses, telephone SIP logs and file MD5 attributes for potential threats, and detect the spoofed packets of a high-tech hijacking.

Network analytics software can look for patterns, such as a phone call that brings a worker into a phishing hack, and harden network defenses by setting alerts, flagging suspect files or blocking domains and phone numbers.

Why Small and Midsized Business Need Managed Network Security Services

SMBs often do not view themselves as targets. Yet Cisco's 2016 Annual Security Report identifies SMB networks as the starting point for hacks aimed at their more lucrative business partners. In a troubling sign, SMBs said they used fewer threat detection processes and defense measures in 2015 than the year before, such as web security or patching and configuration tools--and security programs at every level of maturity faced budget constraints.

Most security professionals in Cisco's survey outsourced at least some security functions; only 12 percent kept them completely in-house. Security executives have grown less confident their security infrastructures are up to date, and only 22 percent of businesses with fewer than 500 employees said they do not have an executive with direct responsibility and accountability for security.

In this dynamic environment, companies increasingly rely on outside consulting. Engineers who have worked across industries are in a good position to test a client's security resources and suggest best practices to stay ahead of intruders.

Ultimately an organization's leaders may need to rethink their entire security architecture. Software-defined networks in particular offer built-in protections against attack. They require less manual configuration, reducing chances for error. By consolidating multiple security layers, a single platform can save money, help security teams prioritize risks and protect mission-critical operations.