Worries over security issues continue to hinder companies when it comes to the adoption of cloud computing, at least when it comes to sensitive data or mission critical applications. Fears about sensitive data being stored on infrastructure that is shared with that of competitors continue to linger on, but the power of cloud hosting is now actually starting to be touted as an effective method of dealing with increasingly advanced and dynamic threats.
A number of security suppliers are even starting to look to cloud computing as a way of providing them with a competitive edge when it comes to finding and mitigating formerly unknown threats in almost real time. So is cloud computing really able to tackle these new and emerging cyber threats or is it just marketing hype from the security industry?
For a while now security researchers have been claiming that signature-based tech is no longer able to cope effectively with the most recent threats, and due to the fact that attacks are updated so frequently, by the time a threat has been recognised a new variant will have been released that renders impotent any signature-based security systems. Security firm Imperva has conducted research that shows that less than 5% of the top 40 anti-virus programs are capable of detecting previously non-catalogued items to begin with. The research used over 80 viruses that had not been previously catalogued, and many systems took up to a month (or even longer) to update their signatures after their initial scan.
“Enterprise security has drawn an imaginary line with its anti-virus solutions, but the reality is that every single newly created virus may subvert these solutions,” says the CTO of Imperva, Amichai Shulman. “We do not believe enterprises are achieving the value of billions of dollars in anti-virus solutions, especially when certain freeware solutions in our study outperformed paid solutions.”
Because of this and a number of other similar studies, many of those in security research believe that a different approach is needed and that cloud computing may be the answer to future defence against malware. With cloud infrastructure it is possible to scan, analyse and compare software that is unknown with a variety of malware databases. Malware assessment and intelligence can be assessed in the cloud, and it also means that there is no need for the software client to be continually updated, while also offering faster scans and improved effectiveness.