Archives For amazon cloud

cloudcomputingSo How Secure Is The Cloud Really?

The Cloud Means Many Things – Not All Clouds Are The Same

If you’re clients are considering a move to the cloud, what should you tell them. I’ve had technology-provider clients steer people away from the cloud. Gartner, The Wall Street Journal, and I agree – people are going to move to the cloud, regardless of what you or I think about security. Telling them “No” is only going to hurt your business. Instead, start thinking of ways to help them make the move in a secure fashion.

The Cloud Is More Secure Then Their Company Network

This idea was underscored in a WSJ article this morning where United States Chief Information Officer Tony Scott offers his opinion.  Like keeping your money in the bank, you can’t duplicate bank security at home. He’s talking about cloud offerings like Google, Amazon, and Microsoft, not some fly-by-night could outfit. These companies are under the microscope everyday, facing attacks and audits. If anyone is secure they are. Most businesses are not going to build this themselves anymore than you are going to recreate bank-level security at home.

Note, I am not saying big cloud providers can’t be broken. Read my book The House & The Cloud. Simply put, if it’s connected to the Internet, it can be hacked. Google and their competition will always be under fire, and occasionally we’ll hear of a breach. I am also stating this for the majority of US companies which happen to be small and medium business. Many of the larger financial institutions are doing just as a good a job, or better with security. But as we saw with JP Morgan last year, nothing is impenetrable.  On the other hand, healthcare organizations seem to be way behind, both in their understanding of risk vs. compliance, and their ability to put a secure computing infrastructure in place. Most of them should probably just move to the cloud. They’re too far behind to pull it together themselves.

On the small and medium business side, two problems exist that can’t be fixed. First, it’s far too expensive to put in the right security measures – these smaller businesses just can’t afford it.  Second, and potentially a larger concern, the small and medium businesses can’t staff people who know what they’re doing when it comes to security.  For one thing, they can’t afford these people. But they also can’t keep them. An experienced security engineer is faced with security issues every day. That’s what interests them, and that’s what keeps them up-to-date and growing. Take someone like that and put them in a small business for 6 months, and they’ll be worthless.  Meanwhile, the larger cloud companies are constantly in motion, pushing their already talented security people up.

Your Advantage – Your Value Proposition

As a reseller or technology provider you have the same edge if you have an MSSP offering. As long as you have enough clients to keep you busy working on security challenges, you’re people will continue to grow. And the more you do, the better you’ll be. The SMB businesses out there benefit greatly from the centralized offerings you provide.

The One Challenge

The one challenge is education. These companies are going to the cloud to save money, not for better security. While they’re thinking about cloud, and before they make the move, is the best time to insert your expertise. Help them figure out what kind of risk them have. Then help them find the best cloud offering, including security. From there, take on their end-node security challenges, and their front line security detection and response program.  Right now is the time to act.

If you’re looking for a better message – consider going through the Security Sales Mastery Program…if you’re a reseller, chances are I can get you a seat sponsored by one of many technology providers you resell.  Give us a call to see if you qualify.

© 2015, David Stelzl

Las Vegas Hotel Rooms are GreatSmall Businesses Need More Security Awareness

Just a few hours from now I’ll be presenting to business leaders in Las Vegas – Sponsored by ProStar

I think one of my favorite things about coming to Las Vegas is the hotels – always a great deal, and if I had brought my entire family (7 kids and one wife), we would all fit in this room (yes, that’s a picture of my room this week.) I could’t fit the entire room in the picture above, that’s just the living room and dining area.  But on to today’s event…

Important News Items (Sound Bites) You Should Know

Last week’s Gartner event bought out the importance of IoT – The Internet of Things. Expect this to be big business in the coming year.  Everything is going to be connected, if it’s not already. This morning’s WSJ reports that 64% of people surveyed think they can manage IoT security…keeping people out.  93% agreed that hacking into someone’s IoT was a form of burglary (which causes me to wonder what the other 7% think), but 64% are concerned that their IoT will be hacked.  Something’s not adding up here.

First, 100% of IoT implementations can be hacked. 100% of it should be considered theft, and it would be foolish for anyone to say they can manage their security without a problem.  We should all be concerned about this – I’ll be addressing this today in our meeting. The more we connect, the easier it is to manage life and business – with the exception of security. IoT is not a security improvement, it’s a downgrade in security.

The Amazon Web Services Event kicked off Last Week in Vegas…What About Cloud Security?

We know from earlier reports that 80% of small businesses will be on the cloud in the next 4 to 5 years. This statistic is old, so we are more like 4 years out now. I expect that to accelerate.  “Researchers in Massachusetts are raising new questions about the security of all multi-tenant cloud environments,” writes Brandon Butler, for Network World.  In a recent interview I did with Sklar Technology in Richmond VA. I pointed out that cloud vendors probably offer a safer world for SMB data than the SMB business itself can provide. I still believe this.  But after conducting numerous follow up assessments across the attendees of last week’s event, Sklar found companies using the cloud but severely lacking in security. They discovered companies with no back up at all, PCs infected with Bots, and host of other issues. These small businesses need security, but they don’t have the time or the resources to keep things up to date and guarded against evolving threats. As Butler points out, the cloud is not secure. In his article he reports that researchers were even able to steal the encryption keys used to lock down the Amazon Cloud data. Now that vulnerability has been patched, but software problems never go away. There’s always one more vulnerability waiting to be discovered. Each one is a likely entry point for hackers.

Today’s Event

Today’s event is just what Small Business Leaders Need. We’ll be meeting over lunch at the JW Marriott, just about 15 minutes off the “Strip”.  ProStar and their partners are hosting this to help educate the Small Business Leader Community – it’s invite only, but completely paid for thanks to the generosity of ProStar and their vendor partners.

© 2015, David Stelzl

PS. Are you a technology reseller?  If so, you might be eligible for free security sales training through the SVLC Security Sales Mastery Program.  We have multiple security sponsors willing to help resellers ramp up these important concepts. Contact us to see if you qualify.