
Malware: Painting a Picture


The proliferation of cloud technology has given malware yet another front to attack. Learn the basics of how cloud security can help fight malware attacks.


Now more than ever, companies are flocking to the cloud. Through a variety of software as a service (SaaS) and infrastructure as a service (IaaS) offerings, enterprises are able to raise their efficiency, increase their flexibility, and decrease costs. However, pursuing these benefits does come with some risk. In particular, malware and ransomware have transformed from issues on endpoints to systematic threats to organizations’ suites of cloud apps.

While it may be tempting to run from the cloud (and the threats hiding in its billows), the fact remains that it is a staple of modern business - it’s here to stay. So, enterprises must take steps to understand malware and safely capture the benefits of the cloud. This process is similar to composing a painting in that there are many items to consider when trying to complete a picture of the ideal future. Each piece of secure cloud migration corresponds with one aspect of painting - see how in this post.

The Saboteur: Types of Malware

Malware can be thought of as a sly saboteur waiting for an opportunity to throw paint at your canvas and ruin your design.

Malware can be divided into a number of smaller classifications. For example, horror stories often revolve around worms, spyware, trojan horses, ransomware, and many other types of malware. Despite this lengthy list, two overarching categories are of primary importance. When evaluating malware, one must think in terms of known threats and unknown threats. While a known threat is a common piece of malware that has been seen in the past, an unknown threat (or zero-day threat) is malware that is relatively new and has not yet been identified. Zero-day malware is a particular risk because it is harder to detect - there can be months of damage, theft, and infection before it’s noticed. Known and unknown threats each present different challenges and must be addressed in unique ways.

Running Paint: The Spread of Malware

Malware can quickly spread - much like the saboteur’s paint as it drips down your canvas.

There are a few ways that malware can propagate. First, if an employee uploads a file with malware to an organization’s cloud app, the organization’s security is effectively compromised. Next, any employee who downloads said file will have their device infected, and upon uploading their own files to the cloud app, will further contaminate the organization. Finally, without the direct intervention of any employee, the infection can organically spread within and across an organization’s cloud applications.

The threat of malware is compounded by bring your own device (BYOD). More employees performing more work from more unmanaged devices means more exposure. In a similar way, having more data in more connected cloud apps can make it easier for an infection to proliferate within a company. Fortunately, there are tools that help fight malware.

The Brush: Tools for Addressing Malware

As the artist must use a brush to confront the saboteur’s dripping paint, so must organizations use tools to confront malware.

To successfully address malware, enterprises must be ready to identify it early and take action quickly. For known threats, traditional, signature-based solutions employ reactive technology whereby files are effectively executed in a sandbox and screened for known malware. For zero-day threats that have yet to be identified, advanced threat protection (ATP) involves sophisticated, proactive, behavior-based solutions like machine learning, artificial intelligence, and static analysis.

Obviously, firms must be prepared for both types of threats on a variety of endpoints (including mobile devices), at upload, at download, and at rest in the cloud. Many products and capabilities exist, but companies must take action to ensure security.
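The upload/download spread described earlier, and the effect of scanning at each control point, can be modeled in a few lines. This is an added example, not part of the original article: the employee names, folder layout, and the simplification that a signature scan blocks only known malware are all constructed assumptions.

```python
from collections import deque

# Constructed sample: which employees sync which shared cloud folders.
ACCESS = {
    "alice": {"finance"},
    "bob": {"finance", "eng"},
    "carol": {"eng"},
    "dave": {"eng", "sales"},
    "erin": {"hr"},
}

def spread(access, patient_zero, scan_upload=False, scan_download=False, known=True):
    """Return (infected_devices, infected_folders) once propagation settles.

    Assumption: a scan blocks the file only when the malware is `known`
    (has a signature); an unknown, zero-day sample passes the scan.
    """
    blocked_up = scan_upload and known
    blocked_down = scan_download and known
    devices, folders = {patient_zero}, set()
    queue = deque([patient_zero])
    while queue:
        user = queue.popleft()
        if blocked_up:
            continue  # the infected device cannot push the file to the cloud
        for folder in access[user]:
            folders.add(folder)  # file now sits at rest in this folder
            if blocked_down:
                continue  # file is stored, but nobody can pull it down
            for other, subscribed in access.items():
                if folder in subscribed and other not in devices:
                    devices.add(other)  # a download infects a new device
                    queue.append(other)
    return devices, folders

def summarize(access, patient_zero):
    """Compare control points for a known and an unknown sample."""
    cases = {
        "no scanning": {},
        "scan at upload": {"scan_upload": True},
        "scan at download": {"scan_download": True},
        "both scans, zero-day": {"scan_upload": True, "scan_download": True, "known": False},
    }
    return {name: spread(access, patient_zero, **kw) for name, kw in cases.items()}

if __name__ == "__main__":
    for name, (devices, folders) in summarize(ACCESS, "alice").items():
        print(f"{name:22} devices={sorted(devices)} folders={sorted(folders)}")
```

In this model a download-only scan still leaves the infected file at rest in the cloud, and signature scanning at both points does nothing against the zero-day sample.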

The Hands: Your Company

Like the hands that defend against the saboteur, use the brush, and paint the picture, your company is ultimately in control of how it handles malware in the cloud.

An enterprise can have vast stores of institutional knowledge and a glut of security funding, but can still be unprotected. No amount of research or preparation can defend against the threats of the cloud if there is no execution. So, don’t just research. Adopt solutions that can defend against known and unknown malware across a variety of devices and use cases. Train your employees on how to avoid malware and prevent its spread. Utilize policies that can reduce the risk of exposure to malware. Many solutions are available, but they must be used to be effective.



Published at DZone with permission of Jacob Serpa, DZone MVB. See the original article here.
