In a cloud-oriented world, on-premises network security will no longer cut it for organizations. Traditional anti-virus protection can fail as attackers gain access to your internal network from a formerly trusted endpoint. With IT increasingly being delivered outside of the company network through cloud and hybrid architecture, the changing threat landscape centers on application vulnerabilities and users. Endpoints inside and outside the network, such as e-mail, have long been a preferred target for criminals; ransomware attacks, for example, in most cases arrive through e-mail.
1. Each attack creates new defense strategies for all
2. Learnings from attack vectors
Today’s cybercriminals work with deep pockets, capable of obtaining and imitating a company’s on-premises technology. Hundreds of attacks are performed on the same IT environment, and as attackers possess vast amounts of financial resources and time, they will quickly find vulnerabilities and weaknesses. Cloud destroys this attack vector; while criminals might obtain endpoint software and devices, every attack attempt is recorded, analyzed, and shared with every endpoint by the security provider.
3. Protection in and outside the network
Our BYOD workforce works from home and on the go, with very few behind a VPN 24/7. Most on-premises solutions do not account for this, as the management console itself is behind the VPN. Endpoint software on each device must be connected to the console via a VPN, which doesn't support employees while they are traveling. Cloud-based endpoint security, however, allows management of these remote assets wherever they may be, because remote management is integrated into the solution itself.
Cloud is replacing on-premises solutions, in many ways, because of its simplicity and scalability. On-premises endpoint security solutions have a difficult time scaling to meet increases in node counts and attack volumes. Consider large enterprises that may have millions of nodes to contend with and potentially hundreds of servers to manage them. Cloud architecture allows for centralized information and access controls, making it possible to ensure that people can see only the data they need. Everything scales dynamically so that companies always pay only for the security they need, providing significant cost savings.
The value of endpoint protection cloud platforms lies in identifying specific attacks and speeding the response to them once they are detected. This is possible by gathering information about communication between endpoints and other devices on the network and changes made to the endpoint itself that may indicate compromise.
Furthermore, the on-premises update process and cycle are slow and painful for companies. Major anti-virus vendors are subject to a very laborious process for creating updates, which can last for months as they develop and test. Once this process is complete, there are additional delays as the client upgrades to new releases. As attackers are refining techniques daily, the result is that every update is out of date. Cloud security providers patch you in a timely manner, consistently and continuously, keeping you out of the legacy zone.
Kenneth Demskov is an IT security specialist with 25 years of experience in the IT world and has worked with server, network, and database operations distributed across a broad spectrum of operating systems, database technologies, and types of networking equipment. Certified in Fortinet and Microsoft, with a focus on the design and delivery of security solutions to Danish organizations, Kenneth specializes in network and endpoint security, advising companies on a daily basis on how to secure the right data protection under decentralized and fragmented security challenges.