
The changing landscape of cybersecurity and what it means for CISOs.

Posted 18 January 2022 by Laura

In the traditional office setup (which now feels like a distant memory to most), your Chief Information Security Officer or Chief Technology Officer was sat just over there, in full view. You could see them – and they could see exactly what was going on: who was in the office on which days, who needed access to what and when, and which devices were being used for which applications. The attack surface area was pretty big – but it was largely visible and therefore manageable.

And then it all changed. The attack surface area grew. And it grew wild. Living rooms, bedrooms and kitchen tables became the office. Personal devices once used for sending the odd work email or checking your LinkedIn messages were suddenly being used to download a whole myriad of apps – for working, shopping, learning and, potentially, the ubiquitous online family quiz. Our entire lives blended together on one device, possibly (shudder) all under one identity.

Hello? Is anyone there?
So, it’s fair to say that in this new and changing world, our poor CISOs just don’t have the same visibility they once had; changing employee behaviour (9-5 is so old school) and the use of personal devices across home networks have combined to create dark corners and blind spots, providing attackers with the perfect secret battleground to commit their crimes.

"A fundamental shift in security"
A 2021 VMware Global Security Insights survey of 3,542 CIOs, CTOs and CISOs reported that there is “recognition of a fundamental shift in security”. And a shift at board-level is exactly what the industry needs. As Rick McElroy, Principal Cybersecurity Strategist at VMware, puts it: “One industry that has not been disrupted by COVID-19 is cybercrime.”

61% of respondents agree they need to view security differently now as the attack surface has grown – and 63% know they need better visibility over data and apps to pre-empt attacks.

These stats might provide a ray of hope to those who have been concerned about the seemingly slow move by SMEs to secure their business in the cloud.

But there are some practical things you can do to improve visibility in the cloud

1. Increase visibility. Whether this means increased monitoring and reporting – or actual physical visibility as an educator and leader. Openness, education and communication are key – if employees can come to you for advice and support, the attack surface area will likely be reduced – simply because your people are listening.

2. Implement policies that will prevent users from downloading apps from untrusted sources. Third-party applications are the top cause of breaches so this is particularly important. Educating teams around downloading and using apps should form a part of any new starter process.

3. Regularly review policies and configurations. Situations change, people change…sometimes very quickly. Staying on top of these things as they happen will help prevent blind spots from appearing. Don’t wait for a major digital transformation project…small actions are good, too.

4. Use company-owned devices to put control around identity and access management back into your hands. Centrally managed devices also make the starter/leaver process much easier to manage. Easier and more secure. It’s win-win.

 

This article was originally posted 18 January 2022 and updated 15 February 2024.