MadeIT inc Managed Hosting | 2016

hybrid cloud According to a study by Cicero Group and Veritas Technologies, the private cloud, and public cloud alliance continues to grow in business.

Three-quarters of companies worldwide continue their adoption of hybrid cloud, by definition involving the private cloud and public cloud. This is the salient point of a recent study sponsored by Cicero Group Technologies and Veritas.

The results show the importance of a sophisticated corporate strategy for information management and security. For the study, Veritas and Cicero Group interviewed more than 1,800 worldwide IT executives with more than 500 employees and managed by at least 75 terabytes of data.

This study was especially noted the pace of switches to different kinds of cloud and motivations. This flip-flop now applies to all types of data, including critical data, which implies to adopt a real strategy and real security.

Nearly 38% of the volume of data is currently housed in a private cloud (+7% in one year) against 28% in a public cloud (+ 18%). In Japan and Brazil, it is 50% of the volume that is currently in the public cloud. 74% of companies use multiple cloud providers, and 23% use at least four suppliers. It increases the pressure on IT departments to secure the data on all of these environments.

In the breakdown by sectors, the manufacturing industry is in the first place. The manufacturing industry takes 30 percent of their workloads in the public cloud. Second place goes to telecommunications companies with 24 percent, followed by health care and finance, each with 23 percent. The public sector constitutes 16 percent cloud adoption.

More than a third of respondents cite cost as the main argument for the public cloud use. However, security remains the main obstacle. Half of respondents named security and backup architectures as the main reason to avoid the public cloud. Nearly 41 percent expect an improvement by introducing a hybrid cloud – which is internationally the highest percentage.

Security is also the most important factor for the satisfaction of enterprises with public cloud offerings. Providers of public cloud solutions should communicate their benefits in terms of safety.

A significant number of respondents indicated that they would always run certain workloads within the enterprise and do not move to the cloud. 28 percent cited in this context named backup and recovery, 27 percent disaster recovery and 26 percent archiving or data warehousing.

About 81 percent of companies not using cloud in the implementation and ongoing support to the services of service providers. The heterogeneous and complex composition of cloud solutions is therefore likely to remain a challenge for IT departments.

Companies are increasingly using heterogeneous solutions. From the perspective of information management, this can increase the complexity. Organizations must be more vigilant than ever to see blind spots of IT and potential safety issues. Only way they can avoid unplanned downtime or even an information crisis.

The study recommends several steps – the organizations should help to remain agile to minimize the risks inherent in the implementation of hybrid cloud environments. IT professionals should focus more on information management rather than on infrastructure.

midyear-security-report-2016-486x274 The recent study Cisco 2016 Midyear Cybersecurity Report indicates that organizations are not prepared for the arrival of more sophisticated ransomware strains. Weak infrastructure, inadequate care of the network and slow detection times are giving cyber criminals plenty of time and plenty of room to operate.

According to the results of the report the fight to limit the working area of hackers is the biggest challenge for companies, as well as a threat to digital transformation. The study results also point out that opponents are directing their attention towards server-side attacks, continuing to evolve methods of attack and increasing the use of encryption to mask their activities.

In the first half of 2016, ransomware has become the most lucrative malware ever. According to Cisco, this trend will continue with the arrival of even more destructive strains that can spread on their own and to hold entire networks and companies hostage.

New strains modular ransomware will be able to change their diffusion tactics quickly to maximize efficiency. For example, future attacks and ransomware will evade detection, managing to limit the CPU utilization and to refrain from command and control actions.

Visibility across networks and endpoints remains a primary challenge. On average, organizations employing up to 200 days to identify new threats. The average time to Cisco for detection (TTD: time to detection) exceeds the industry standard, with a new minimum of time about 13 hours to detect previously unknown impairments relatively to the six months ended in April 2016. This result lowers the average level recorded in the period ending in October 2015 amounted to 17.5 hours.

Although organizations in critical areas such as health have marked a small improvement concerning attacks in recent months, the results of the report indicate that all vertical sectors and all regions of the world can be targeted. In the first half of 2016, it was recorded an increase in direct attacks on society, companies, non-profit organizations, non-governmental organizations (NGOs) and businesses operating in the field of electronics.

In the face of sophisticated attacks, aging infrastructure and limited resources, security managers are struggling to keep up with their opponents. The data suggest that security managers have trouble taking proper care of the network, starting from patch application to the most critical technologies for the business.

Cisco has found that much of the infrastructure under consideration is not supported or work with known vulnerabilities. Specifically, the researchers looked at 103,121 Cisco Internet-connected devices and found that on average on each device are running 28 known vulnerabilities, and known vulnerabilities were present on average for about 5 years, including more than 9% of vulnerabilities are known for over a decade.

Browser updates are the least heavy for endpoints, while enterprise applications and server infrastructures are more difficult to upgrade because they can cause business continuity problems. In essence, most application is critical to your business and less likely to be updated, creating gaps and opportunities to be attacked.

In the end, Cisco report suggests some simple steps to protect corporate environments.

Improve the cleanliness of the network by distributing timely patches and updates and implementing perimeter defenses, including solutions for the protection of email and web security, firewall, and next-generation IPS.
Measure the detection time, get a time threat detection as fast as possible and immediately take countermeasures to limit the damage. Establish security policies that also include metrics at the time of detection and threat mitigation.
Protect users wherever they are and wherever they are working, not to restrict the protection to systems and devices used when you are connected to the corporate network.
Back up your critical data and systematically test their effectiveness also making sure that the back-ups are not at risk of being compromised.