7 critical considerations for choosing a cloud security provider
Keeping your data safe requires forward-thinking approaches to cybersecurity. Learn how you can augment your existing on-premises infrastructure with security measures in the cloud for a more robust web security posture.
What is the cloud and why does it matter
The cloud is a network of servers housing data, software, and services. Cloud services are commonly accessed via the Internet, instead of locally in a data center. Businesses are increasingly relying on the cloud for cybersecurity for two key reasons:
- Due to a changing threat landscape, there’s a need for more scale, accuracy, experience, and collective intelligence. These resources are out of reach internally for most organizations.
- There are fundamental limits with on-premises hardware mitigation appliances and enterprise data centers for Distributed Denial of Service (DDoS) and web attack protection.
Doing the math, a real-world example
Actual attacks mitigated on the Akamai platform illustrate the importance of scale. One of the largest DDoS attacks Akamai mitigated for a single customer peaked at 623 Gigabits per second (Gbps). That said, the average-size DDoS attack observed in 2016 was a little more than 5 Gbps.
Even if your DDoS mitigation hardware touts 100+ Gbps throughput, it is probably not enough. An average-sized 5 Gbps DDoS attack can quickly overwhelm most network pipes, rendering any appliance-based solutions inside your data center useless.
This means you’re a sitting duck, wide open to malicious cyberattacks.
What you should look for in a cloud-based cybersecurity solution: multiple layers of protection, best of breed technology, and depth of resources
It’s unlikely that any single piece of software, hardware, or one-dimensional service will effectively protect against cyberattacks. Rather, a multi-layered approach combining cloud-based solutions with skilled human resources provides the best protection.
Here are seven critical factors you should look for in a cloud security provider:
- Scale and capacity
Today’s threat environment calls for extreme scalability and, consequently, the adoption of cloud-based security solutions. However, it can be difficult to determine how much scale is enough. Many vendors say their capacity can handle the largest DDoS attacks, but this is not necessarily true. You need to go beyond a vendor’s stated top-line capacity numbers to really understand if that capacity will be available when you need it.
- Flexible, Adaptable, and Customizable Solutions
DDoS scrubbing vs. Content Delivery Network (CDN)-based security services: Which solution or combination of solutions makes sense for your organization’s needs? Keep in mind that the regional distribution of scrubbing centers may affect performance, so ask about the locations before you choose a vendor.
Comparing vendors’ accuracy claims, like false positives and false negatives, is tricky. The numbers alone are meaningless unless both were measured with the same test. Many times, a vendor will tout a high accuracy rating from a third-party test without noting that every other vendor tested also scored well. Make sure you’re comparing apples to apples.
- Collective Intelligence
Cloud-based vendors often claim to provide collective intelligence, but really useful intelligence can only come from a massive universe of clients of all sizes, many networks, and mega traffic. For Akamai, this kind of intelligence and ongoing threat research enables us to keep our Kona Rule Set continually updated and leverage incidents discovered at a single client to protect every client.
- IP Reputation
IP addresses are scored based on past behavior, such as DDoS attacks, web attacks, or scanning and scraping activity. Akamai’s unprecedented view of web traffic, advanced heuristics, and algorithms create a finely tuned reputation score for every IP address that crosses our platform.
- Guaranteed Time-to-Mitigate
You should expect contractual Service Level Agreements (SLAs) specific to the speed and quality of mitigation. A response-time SLA only promises that a vendor will start looking at your attack quickly. It still does not explain how long it will take to mitigate the attack once they start investigating it.
- The Human Factor, Comparing Security Operation Centers (SOCs)
The SOC has the people that support you when you come under attack. The quality of service you receive is directly related to the quality of the SOC. By asking the right questions, you can better compare different SOC organizations. Find out how many people are in the SOC, how many facilities that represents, and how they handle overlapping shifts. For example, Akamai’s SOC is a global network of five facilities staffed with 150 experts to handle security issues on an organizational and technical level. Our SOC mitigates more attacks than anyone else, and has been doing so for 12 years – longer than anyone else.
The best cloud security approach is to layer multiple, best-of-breed technologies on top of each other. This delivers multiple layers of defense that have different strengths and weaknesses, making it harder for an attacker to penetrate through to your data and applications.
True multi-layered security – which is the industry-accepted approach – means a serious consideration of best-of-breed cloud-based technology, such as Akamai. Our security cloud can complement existing on-premises solutions you may already have today.