Even IT Pros Are Worried about Public Cloud Security

By Michael Brown Sure, the average consumer is worried about storing their data in the cloud or sharing it through cloud-based file sharing, but how can managed service providers (MSPs) respond to an enterprise when even their own IT professionals are worried about the state of security in the public

By Michael Brown

Sure, the average consumer is worried about storing their data in the cloud or sharing it through cloud-based file sharing, but how can managed service providers (MSPs) respond to an enterprise when even their own IT professionals are worried about the state of security in the public cloud?

In 2011, Symantec and the National Cyber Security released a study that reveals cyber attacks cost small- and medium-sized businesses an average of $188,242. Perhaps even more alarming, research conducted by Gartner shows that nearly 90 percent of the companies that were victimized by a major data loss went out of business within six months of the attack.

One-third of the 1000 IT professionals responding to a Bitglass survey said that they experienced more security breaches with the public cloud than their internal information technology function.

The key concerns listed in the survey include:

Unauthorized access- 63 percent
Hijacking of accounts- 61 percent
Malicious insiders- 43 percent
Insecure interfaces/APls- 41 percent
Denial of service- 39 percent
The number of security breaches in 2013 grew by 20 percent from their figures in 2012, according to Ponemon Institute.

Even for MSPs with core competencies in various IT services, their specializations does not spare them the myriad of problems related to cyber attacks. In fact, MSPAlliance reports that malware, data breaches, data loss, insider threats, web threats, BYOD, and email phishing are some of the most dangerous risks that managed service providers face.

The following suggestions can help MSPs handle clients' unease about IT security:

Make Yourself an “Outsourced CIO”

You may have a superior cloud-based services portfolio, but, unless you establish a foundation of trust, you will find it difficult to build a solid and lasting advisor relationship with discerning customers. Furthermore, you will not differentiate yourself from your competitors. The ideal client relationship should go beyond that of a “trusted advisor” as it relates to cloud services, instead to the level of “outsourced CIO,” says Information Age.

For internal IT departments, the CIO does not limit his or her influence to infrastructure and network management, but makes impactful contributions to strategic discussion. The CIO works with other department heads—finance, legal HR, etc.—to develop strategies, policies, and better business processes and outcomes.

MSP/Industry Best Practices for IT Security

Successful MSPs practice truly exceptional endpoint security, which helps build credibility and trust with the customers. Provide your customers the peace of mind by demonstrating how your security systems operate in real-time to provide multiple layers of security, which include:

Security-level certifications for their industry
Firewall management
User identity management (two-factor authentication, audits, and automation)
Intrusion detection management
Real-time threat management
Implement only the best antivirus, malware, and firewall products. The same thing applies to the security technicians and professionals that you hire.

Demonstrate the security process/transparency to your clients. The client security portal should allow for around-the-clock access so that customers have real-time visibility into their network security posture and compliance across all managed services. Customers should also have the capacity to perform advanced analytics and reporting.

Build IT and They Will Come

Issues pertaining to cloud security continue to rank at the top of the list of concerns for business owners, CEOs, CIOs, and IT directors. Nonetheless, they continue to offload all or part of the IT function to the cloud to take advantage of the efficiencies and effectiveness of the technology. More than 71 percent of the companies participating in the Bitglass survey said that they intend to or were in the process of implementing some form of cloud services.

When companies move hardware to the cloud or launch business applications, they want to know that their MSP has next-generation firewall and other leading-edge security tools to protect their networks and data. Companies also want assurance that your intrusion procedures will kick in quickly to contain any breach—and mitigate damages.

Regardless of the shape size or vertical market, all MSPs can become trusted advisors and implement best practices to help lessen customer concerns about cloud IT security. At the very least, your customers need to know that you are aware of the concerns about security, and your ongoing efforts to monitor security, implement the latest innovations, and stay ahead of cyber criminals.

comments powered by Disqus

What's New