Supporting the entrepreneurial spirit

Categories:
Inside the ECi Cloud: The Cornerstones of a Successful Cloud Service

Inside the ECi Cloud: The Cornerstones of a Successful Cloud Service

By Glenn Kimball

Part 2: Security

In Part 1 of this series on ECi’s cloud ecosystem, we discussed the infrastructure necessary to host a cloud environment and how resiliency and redundancy are key to maintaining the integrity of the system. We talked about our datacenters and our best-in-class public cloud infrastructure and how that infrastructure will help keep your business running 24/7.

Let’s take a quick trip back to medieval times. You’ve got your castle, complete with surrounding moat. You’ve got a thick, strong drawbridge that opens over the mote and closes, a completely encircling outer wall, and an army surrounding that outer wall to protect against any invasion. Plus, knights are close at hand to guard you personally. You are safe and fully protected, right?

No, you are not fully protected; it takes more than an army and walls and moats to safeguard the castle from threats. It’s the same with your software system and data---full protection requires a lot more than infrastructure alone; it requires constant testing of the security system and processes until they break.

Consider the following scenarios:

  • Attackers hurl large objects at your castle walls until eventually a hole develops allowing access
  • Attackers find your secret escape route (there’s always one, isn’t there?) and gain access
  • Attackers adopt “Trojan horse” tactics and are inadvertently permitted to come in
  • Under the guise of friendship, one of your sentries invites in a mercenary, only to be deceived
  • An attacker gains access, takes a hostage, and demands a ransom for safe return

Now instead of picturing a castle, imagine that it’s your data that’s being attacked. In addition to a constant barrage of malware, viruses, and trojans, ransomware and even human error (we’ve all been fooled at least once, right?) leave data vulnerable.

Look at the following statistics:

  • In 2017, cyber-attacks cost small and medium-sized businesses an average of $2,235,0001
  • 60% of small businesses say that attacks are becoming more severe and more sophisticated1
  • 43% of cyber-attacks target small business2
  • 92% of malware is delivered via email3
  • 58% of malware attack victims are categorized as small businesses3
  • During 2017, 61% of small businesses reported that they had experienced a cyber-attack1

Security requires vigilance

Security is a constant battle and it’s no different for small businesses. Every time you forget to update virus protection, your employee clicks on a phishing email, or your employees use their personal devices for work purposes, you could be open to attack.

Where do you keep your data backup? How often do you back data up? An even better question is, how often do you test your back-up system? Have you tested your back-up system, or do you simply trust that in the event of a breach, you’ll be able to plug in your back-up system and it’ll upload everything in one quick, smooth step?

Here at ECi, we go beyond our infrastructure that includes multiple datacenters and our redundant and resilient approach; we protect ourselves and our customers in the following ways:

  • Network intrusion detection and prevention: catch and eliminate attacks as they happen
  • Data encryption (in transit and at rest): hide the true data even if it were to be seen
  • End-point protection: proactively prevent viruses and malware from doing damage
  • Vulnerability management and patching: security vulnerabilities are evaluated and operating systems(OS) and applications are patched on a regular basis
  • Security incident and event management: consolidation of security and system data allows us to identify potential security issues
  • Threat assessment: evaluation of security events against a global threat database
  • Backup and recovery: protection of data and systems just in case of compromise
  • Penetration testing and security scanning: proactively identify and remediate flaws

You benefit from ECi’s ability to provide increased data and system protection

One of the key benefits of ECi's cloud, is that we're not just one business trying to protect itself. We bring the demand of all our customers to bear and that gives us the leverage and buying power to get the best security possible and the most attention from security providers in the event of an issue.

ECi has the layers of security, resiliency, economies of scale, and leverage to bring the solutions you need to your doorstep without an on-premise investment. This frees you up to focus on your core business.

In my next post, we’ll explore penetration testing and threat analysis, and how ECi proactively eliminates data vulnerabilities.

1Ponemon 2017 State of Cybersecurity in SMBs Report
2Symantec 2016 Internet Security Threat Report
3Verizon 2018 Data Breach Investigations Report

Glenn Kimball

About the author

Glenn Kimball serves as the Chief Information Officer for ECi. He is a seasoned technology executive with a passion for the entrepreneurial spirit. Glenn leads the delivery of ECi’s cloud-based SaaS solutions, the constant evolution of our cybersecurity stance, and the management of corporate information technology operations.

facebook-icon facebook-icon linkedin-icon linkedin-icon twitter-icon twitter-icon blog-icon blog-icon youtube-icon youtube-icon instagram-icon instagram-icon Bookmark this page Google +