Cloud computing in Asia Pacific, especially in Singapore, is growing constantly in importance, and with its growth comes an increasing demand for cloud security. According to research firm IDC, the cloud computing market in Singapore is forecast to grow to about US$1b ($1.4b) by 2017.
Singapore is gearing up to be the world’s first Smart Nation, and cloud computing is expected to be a pivotal part of its infrastructure. The Smart Nation is powered by big data, and the data transmitted within the cloud must be protected with encryption. However big data also brings its own set of complications to cryptography. Whilst encryption is the key to protecting sensitive data, it can also mask the misdeeds of malicious attackers and deny security staff the visibility into the communications to and from the cloud.
Traffic unseen in the cloud
In the ever-changing cloud computing landscape, unmanaged encryption can put organisations at risk. This applies equally to the Smart Nation as well as to enterprises that are moving or have moved to the cloud. Whilst hosted cloud environments are becoming mainstream, the traditional network architectures are still employed, and require support for management and monitoring of third-party encrypted access.
However when faced with such situation, many IT administrators simply let the encrypted traffic flow freely in and out of the network environment. This creates obvious risks as the lack of visibility and limited content control in encrypted channels may enable a covert method for infiltrating the network and/or for exfiltration of sensitive data.
Singaporean utility company requests privileged access monitoring
Like many large organisations, one of the energy and utilities companies in Singapore utilises cloud hosting services to achieve significant efficiency, flexibility, and cost advantages. In 2016 they invited tenders from Cloud Service Providers (CSPs) in Singapore to provide a comprehensive cloud service (with security) offering. Their requirements for security were:
- Monitoring and auditing the privileged user activities in encrypted traffic (in real time)
- Providing a logging mechanism to log all activities for forensic purposes
- Enabling self-service provisioning and management of privileged users
This is not a standalone business case but similar requirements for cloud security service have become common.
Ensure privileged session monitoring in cloud
Traditionally, conventional enterprise privileged access solutions utilised gateways and focussed on interactive users. But this is no longer sufficient – the ongoing migration to the cloud has turned cloud service providers and cloud-using organisations to more advanced security solutions.
If organisations are going to or have already moved to the cloud, advanced privileged session monitoring solutions are definitely needed; and they should be able to:
• Provide logs, centralised management, visibility for all encrypted privileged access
• Filter and proactively detect suspicious traffic
• Monitor privileged sessions (with record and playback functionality)
• Deploy in both public and private cloud environments, without interfering with user and business workflows
• Enable flexible deployment and adaptability to changes in cloud and network environments
• Gain accountability for the shared accounts in the cloud-hosting environment
When organisations use outsourced cloud service, it is highly recommended to select a reliable CSP with a good security track record, i.e. being certified the Multi-Tier Cloud Security Standard by Infocomm Development Authority of Singapore (IDA). More importantly, the CSP needs to be able to deliver secure service offerings and take a variety of stringent measures to their critical access governance so as to ensure the transimitted data is safe and their servers are secure.
The views expressed in this column are the author's own and do not necessarily reflect this publication's view, and this article is not edited by Singapore Business Review. The author was not remunerated for this article.
Do you know more about this story? Contact us anonymously through this link.
Ricky Ho is the vice president of SSH Communications Security (SSH) for Asia Pacific Region. Prior to SSH, he was regional director at McAfee for Hong Kong, Taiwan, and Macau. Before joining McAfee, Ricky served as the managing director in companies such as TippingPoint and Fortinet. He has also served as the Country Manager of NetApp.