Cyber-security continues to be a hot topic in the news. This month, we learned that both the Hong Kong government and security company Kaspersky were victims of a security breach. The former saw a theft of social security numbers for all their employees, while the latter was on the receiving end of an extremely sophisticated state-sponsored attack.
Despite the frequency and cost of cleaning up after an attack, 43% of companies still have no plans to increase security spending this year. That’s why it’s important for cloud service providers and resellers to share with their customers the importance of having a security strategy.
We sat down with Ben Collar and John Kurdziel of Silo Security at Cloud University Live in Los Angeles earlier this month. Their company is a San Diego and Michigan-based IT security consulting firm working with clients in the healthcare and financial industries.
Here’s what they had to say about cyber security:
Ingram Micro Cloud: In your own words, why is security so important for businesses?
Silo Security: Criminals and hackers are getting the upper hand these days in security breaches. They are constantly attacking and moving faster than the industry and able to see a profit from their efforts. We as technology companies need to do a better job of fighting back; otherwise our customers will lose money without an investment in security solutions. Even though it’s been this way for a long time, the importance of security has accelerated lately with all the incidents we have seen. When a company like Kaspersky gets compromised, you know that this is a battle that must be fought and that there is no 100% guarantee that any business is safe.
IMC: How can businesses win this battle? Can they leverage the cloud to do so?
SS: Businesses can win this battle by making life more difficult for the hackers. Most attacks occur through social engineering, where spammers send legitimate-looking websites or make phone calls to unsuspecting users to get sensitive information. Customers can work around this by educating their employees to learn how to spot such attacks and avoid messy issues.
The cloud comes into play here since it is the future. Security will remain an important area of consideration no matter what, and can help companies save money. Customers will therefore need to be able to create a sound security strategy in addition to educating their employees.
IMC: What does a good security strategy look like?
SS: A good security strategy is one that addresses each potential compromise point and increases your chance of beating those types of compromises. It starts with employee awareness and knowing how and where attacks start. From there, it’s a matter of identifying, monitoring, and blocking incoming malicious attacks.
On the technology side, it’s about working with a well-respected vendor who is up to date with the security landscape and always updating their security signatures and analytics. In purchasing technology, it’s important to be able to monitor incoming traffic anomalies while also being able to protect data in exfiltration – or the ability to stop data as hackers are taking it out. Only when you have enough layers built and implemented, can you have a good chance of detecting and defending against an attack.
IMC: How does your company work with Ingram Micro Cloud?
SS: We are a part of the Cloud Elevate program, and use it to help transform our clients’ business in the cloud with confidence and ease. We really like the streamlined Cloud Marketplace interface, and find value in the ability to have control over customer accounts, pricing, and billing, in addition to live support. It’s a great fit for what we are trying to do and we recommend it for other resellers and colleagues as well.
IMC: Where do you see the IT/Cloud industry going, specifically for security?
SS: We believe that in 1-5 years, the vast majority of companies will have their infrastructure in the cloud or be moving it there. Cloud is good for small business and enterprise, and scales really well. Plus, there are new services coming out as well like data recovery as a service (DRaaS). We definitely anticipate cyber security attacks to increase as well.
We also anticipate cloud offerings to improve as customers move from on-premise security solutions to cloud solutions. Chances are that cloud will look a lot like other IT industries and take on a hybrid model.
IMC: What advice do you have for fellow security resellers?
SS: Our advice to fellow resellers is to embrace change. We encourage our colleagues to embrace their customers’ desires to move to the cloud because there are ways to secure those transactions and it’s our job to find out how to protect customers. IT is all about supporting the business whether it’s security or something else. We also encourage our colleagues to devise creative solutions to moving to the cloud.
IMC: Finally, if you had one piece of advice for the IT decision-maker when it comes to security, what would it be?
SS: For the IT decision-maker, our advice would be to get one new layer of security planned, rolled out, and monitored for effectiveness by the end of the year. It’s better to have one well-understood and properly deployed product you can trust than several you are unsure of.
For customers and resellers interested in learning more about Silo Security, visit their website at www.silosecurity.com. You can also learn more about Cloud University Live by visiting our site at http://www.ingrammicrocloud.com/cloud-university/. Stay tuned to CloudTalk as we’ll be sharing more stories and interviews throughout the year for resellers who want to elevate their cloud business and stay abreast of the industry.