In a cloud-orientated world, on-premises network security will no longer cut it for organisations. Traditional anti-virus protection can fail as attackers gain access to your internal network from a formerly trusted endpoint. With IT increasingly being delivered outside of the company network through cloud and hybrid architecture, the changing threat landscape is targeting application vulnerabilities and users. Endpoints inside and outside the network, such as e-mail, have long been a preferred target for criminals; ransomware attacks, for example, in most cases arrive through e-mail.
Your employees can also be another entry point for a data security breach. Staff now have the ability to work outside of the physical limits of an organisation, with access to sensitive company data from a vast number of both privately and company-owned devices along with cloud-based applications which require businesses to strictly manage access and rights to systems and data.
It is evident that the need for stricter data security measures is becoming urgent for all organisations, but through cloud solutions, businesses can achieve a high level of protection. The following five reasons will help explain why cloud is ideal for endpoint security:
1. Each attack creates new defence strategies for all
Cloud architecture allows for the ability to learn from cybercriminals and thereby crowdsource knowledge about new attack techniques across the entire IT chain in real-time to benefit everyone except the criminal.
Creating viruses with unique signatures requires little effort from criminals, with automated and inexpensive construction kits available to them. And while simply storing signature-based threat information may improve the capability of reacting to known threats and malware, it does not utilize the cloud’s ability to support real-time behavioural analysis and response to address unknown threats. With cloud technology, having full visibility into the endpoint allows for analysis of each stage of the attack, not just the point at which a signature could trigger a detection. This ability to see events in context and in real-time moves the advantage back to the defender.
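The contrast between signature matching and analysing each stage of an attack, as an added example that is not from the original article or any vendor's product. The event names, hashes, hosts, time window and the four-step rule are constructed assumptions.

```python
from collections import defaultdict

# Constructed data: hashes, hosts, event names and the rule are illustrative only.
KNOWN_BAD_HASHES = {"aaaa1111"}   # signature database holding one known sample
CHAIN = ["mail_attachment_opened", "office_spawned_script",
         "script_fetched_binary", "mass_file_rename"]
WINDOW_SECONDS = 600              # all stages must fall within this span

# (timestamp, host, event, hash of the file behind the event)
EVENTS = [
    (0, "host-a", "mail_attachment_opened", "aaaa1111"),    # known sample
    (5, "host-a", "office_spawned_script", "aaaa1111"),
    (20, "host-a", "script_fetched_binary", "aaaa1111"),
    (60, "host-a", "mass_file_rename", "aaaa1111"),
    (100, "host-b", "mail_attachment_opened", "bbbb2222"),  # variant, new hash
    (104, "host-b", "office_spawned_script", "bbbb2222"),
    (130, "host-b", "script_fetched_binary", "bbbb2222"),
    (190, "host-b", "mass_file_rename", "bbbb2222"),
    (200, "host-c", "mail_attachment_opened", "cccc3333"),  # benign, chain incomplete
    (260, "host-c", "mass_file_rename", "cccc3333"),
    (300, "host-d", "mail_attachment_opened", "dddd4444"),  # stages too far apart
    (310, "host-d", "office_spawned_script", "dddd4444"),
    (320, "host-d", "script_fetched_binary", "dddd4444"),
    (5000, "host-d", "mass_file_rename", "dddd4444"),
]

def signature_hits(events):
    """Hosts where any event carries a hash already in the signature database."""
    return sorted({host for _, host, _, h in events if h in KNOWN_BAD_HASHES})

def behaviour_hits(events, chain=CHAIN, window=WINDOW_SECONDS):
    """Hosts that complete every stage of the chain, in order, within the window."""
    state = defaultdict(lambda: [0, None])  # host -> [next stage index, start time]
    flagged = set()
    for ts, host, event, _ in sorted(events):
        s = state[host]
        if s[1] is not None and ts - s[1] > window:
            s[0], s[1] = 0, None            # stale chain, start over
        if event == chain[s[0]]:
            if s[0] == 0:
                s[1] = ts                   # first stage starts the clock
            s[0] += 1
            if s[0] == len(chain):
                flagged.add(host)
                s[0], s[1] = 0, None
    return sorted(flagged)

if __name__ == "__main__":
    print("signature:", signature_hits(EVENTS))
    print("behaviour:", behaviour_hits(EVENTS))
```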
2. Learnings from attack vectors
Today’s cybercriminals work with deep pockets, capable of obtaining and imitating a company’s on-premises technology. Hundreds of attacks are performed on the same IT environment and, as attackers possess vast amounts of financial resources and time, they will easily find vulnerabilities and weaknesses. Cloud destroys this attack vector; while criminals might be able to obtain endpoint software and devices, every attack attempt is recorded, analysed and shared with every endpoint by the security provider.
3. Protection in and outside the network
Our BYOD workforce works from home and on the go, with very few behind a VPN 24/7. Most on-premises solutions do not account for this, as the management console itself is behind the VPN. Endpoint software within each device must be connected to the console via VPN, which doesn’t allow for supporting employees while they are travelling. However, cloud-based endpoint security allows management of these remote assets, wherever they may be.
The reason for cloud replacing on-premises solutions is, in many ways, due to its simplicity and scalability. On-premises endpoint security solutions have a difficult time scaling to meet increases in node counts and attack volumes. Consider large enterprises that may have millions of nodes to contend with, and potentially hundreds of servers to manage them. Cloud architecture allows for centralized information and access controls, making it possible to ensure only the right people can see the data they need. Everything scales dynamically so that companies always pay only for the security that they need, providing significant cost savings as well.
The value of endpoint protection cloud platforms lies in their identification of specific attacks and the capability of speeding the response to them, once they are detected. This is possible by gathering information about communication between endpoints and other devices on the network, as well as changes made to the endpoint itself that may indicate compromise.
Furthermore, the on-premises update process and cycle are slow and painful for companies. Major anti-virus vendors are subject to a very laborious process for creating updates, which can last for months as they develop and test. Once this process is complete, there are additional delays as the client upgrades to new releases. As attackers are refining techniques daily, the result is that every update is out-of-date. Cloud security providers patch you promptly, consistently and continuously, keeping you out of the legacy zone.
Cloud specialist focusing on AWS, GCP and automation with many years of operational experience. Certified AWS Solution Architect as well as AWS SysOps.