Most businesses nowadays will use some form of Public Cloud service, whether that be Amazon Web Services (AWS) for application building or Microsoft Azure for your cloud infrastructure. As with all areas of your business IT they can be vulnerable to cyberattacks. In fact, being a Public service can mean they are even more at risk. So if one of your Public Cloud services was a potential target of an attack, can you say that you’ve diligently mitigated against the risks of a security breach by removing the vulnerabilities?
What does a Public Cloud breach look like?
Last year Capital One fell victim of a large-scale data breach whilst using Public Cloud service Amazon Web Services (AWS). In this instance a firewall was penetrated which resulted in 100 million credit card customers’ and applicants’ data being compromised. The personal information in these files included names, addresses, birth dates and email addresses as well as financial information. As you can imagine, a data breach like this is not only dangerous for those whose personal details have been taken, in the case of fraud, but also the reputation of Capital One.
A data breach is damaging for 3 main reasons:
- Fraud: The customers whose data has been compromised are at risk of being victim to fraud.
- GDPR: If personal customer data is stolen then you are breaching GDPR.
- Reputation: A data breach can largely affect your reputation as a business, resulting in losing customers and can be difficult to regain customers trust.
How can you protect the Public Cloud?
The breach at Capital One is one example of how information in the Public Cloud is at risk. Although it isn’t solely the responsibility of AWS it poses the question of how can you ensure the security of data stored in the Public Cloud. Visibility is key for securing the Public Cloud. Our security partner Sophos, have created a tool that provides you with greater visibility of your Public Cloud environments, called Cloud Optix. This in turn enables you to detect, respond and prevent security and compliance vulnerabilities.
Cloud Optix
Sophos Cloud Optix provides visibility of your Public Cloud services in one portal. This enhanced visibility and reporting allows you to simply monitor your usage (and in turn cost) as well as identify security threats and remain compliant with accredited security standards. Public Cloud providers such as Microsoft Azure and Amazon Web Services (AWS) offer similar features but much more complexly. Understanding their solutions often requires training and qualifications. Cloud Optix has all the necessary features to manage your Public Cloud services, delivered more simply and in one portal. Below are the key features of Cloud Optix explained:
Threat prevention and detection: Cloud Optix enables you to identify potential vulnerabilities in your Public Cloud infrastructure and identify if there is suspicious activity, alerting you (or your MSP) of the threat.
Cost monitoring: Public Cloud services are often priced based on usage and so if you were to carry out a particularly bandwidth heavy task your cost for that month could spike. With Cloud Optix you can set caps / warnings to ensure that you are notified if your monthly budget is about to be exceeded.
Compliance support: Cloud Optix can support you in becoming (and remaining) compliant with various security simplifications. If an element of your cloud infrastructure has been breached causing you to no longer comply, it will be tagged with the accreditation (i.e. ISO247001)
Cloud Optix and Bristol IT Company
There are two options for adopting Cloud Optix in your organisation, depending on your requirements:
1. As part of your Managed Service
If you’d like to reap the benefits of Cloud Optix but don’t have (or want!) the technical know-how to manage the information in the portal then we can package the subscription into your managed service. That way Bristol IT will use Cloud Optix to monitor and protect your Public Cloud on your behalf.
2. Standalone subscription
For some businesses, perhaps with an in-house IT resource, you may want a more ‘hands-on’ approach. We can provide Cloud Optix to your organisation as a stand-alone solution allowing you to have full control of the portal. Of course if you need support Bristol IT are still here to help. Purchasing Cloud Optix through Bristol IT also allows us to leverage our partnership with Sophos to your advantage.
Keep your Public Cloud Secure
So if you are using, or looking to move to, the Public Cloud then Sophos Cloud Optix can keep your infrastructure secure. Get in touch for more information or start your free no-obligation 30-day free trial today.