How Cloud Security Protects Businesses?
Repel cyber attacks before they threaten the infrastructure of customers: this is the most obvious task of a cloud provider in terms of security measures. However, cloud security goes much further and supports business customers in much less obvious areas.
If your business has not been affected by ransomware such as Petya or WannaCry, there may be three reasons: you have not been attacked, you have applied adequate security measures, or you have already been protected by your security provider. cloud. While small businesses may not even be the target of a malware attack, the situation is quite different at a major ISP, as shown by the example of Petya. “We detected this attack early enough and we were able to react before ransomware arrived at our customers,” says Tobias Langbein, security architect at Swisscom. In concrete terms, it was possible to block the addresses at the source of the attacks and to update the signatures of the viruses in time. Cloud attacks and client systems have been blocked.
Protection against cyber attacks
Securing your data
Cloud security for your data You want to better protect and secure your data, in Switzerland, of course? We have the right solution for your business.
This early detection was also the result of close cooperation and the immediate installation of software vendor security updates. In the case of cyberattacks, it is crucial to react quickly, says Tobias Langbein: “By reacting preemptively and taking security measures, we can avoid real damage that could result from system failure. critical for the company. ”
This is not only true for threats from ransomware and other malware. DDoS attacks in which the systems are overwhelmed by requests and therefore paralyzed can be blocked in time if they are detected at an early stage. The expertise and technical security features of a cloud provider therefore directly benefit customers whose applications and systems run on the cloud. Users benefit without even having to develop the necessary infrastructure and skills.
Cloud security goes beyond protection against malware
Cyber attack protection is just one piece of the puzzle across the cloud security system. On the one hand, it includes technical measures to protect against attacks and those used to ensure data security and availability. On the other hand, access control at the entrance to the computer center is also included. They are necessary, even if the attacks occur most often on the Internet, as Tobias Langenstein explains: “The security measures must cover all aspects. Otherwise, we can not guarantee security in a credible way. ”
Indeed, it is not enough to simply take protective measures. Their effect must be proven. This evidence of the effectiveness of the measures taken is called compliance. The basis is ISO standards and regulatory requirements, the compliance of which is verified by external audit bodies in the context of audits. “We contractually ensure that our customers comply with safety standards,” says Tobias Langbein. “We can also prove compliance through audits.”
Compliance also benefits companies that do not have to meet security requirements as high as banks for their own data. This is particularly true for SMEs that are themselves suppliers and service providers for large companies: “These SMEs often face compliance requirements that they find hard to prove themselves,” says Tobias Langbein. “As a cloud provider, we can bring this proof to our customers.”
Data security as a key asset
In order to meet the most stringent requirements, security considerations must be taken into account as early as the cloud planning stage. “The decisive aspect is that customer infrastructures must be separated from each other so that any unauthorized access is impossible,” says Tobias Langbein. As part of his work, he is responsible for advising cloud architects during planning to ensure this isolation. The implementation is done through the equipment and software that for example separate the storage spaces and virtual servers of each client from the cloud.