Before the cloud, every huge enterprise had a data center with walls, guards, fences and locks to secure critical data. Now, organizations of any size can use the world-class data centers run by Amazon Web Service (AWS), Microsoft Azure or Google Cloud Platform.
While those providers offer some security measures, organizations operating in the cloud need to consider what virtual protection they’ll use above and beyond what the providers give, or don’t give.
That’s where Cohesive Networks comes in. If you don’t understand how the cloud works—the cloud being internet-based computing that provides remote data storage and shared computer processing resources—the cloud can seem a bit like magic. In what Cohesive Networks calls a “space full of vendors selling magic,” the company bills itself as honest Midwesterners and cloud advisors.
The Chicago-based company specializes in security and networking software for enterprises using public, private and hybrid clouds. Today, more than 2,100 global enterprises use Cohesive Networks’ VNS3 software, which improves cloud connectivity and security.
“Most cloud providers, including AWS, offer secure transit for data traveling to the cloud, but not within the cloud,” says Patrick Kerpan, Cohesive Networks’ CEO and co-founder. “For example, if you save valuable company data in a public cloud, your provider guarantees it is safe to the cloud, but once it is inside the cloud network, it could travel ‘in plain text,’ or unencrypted, between data centers in a region.”
VNS3 boosts security by encrypting all data in transit. It works on top of, or in addition to, virtual networks offered by public cloud providers.
Added network security helps companies like SambaSafety, which gathers driver safety information from state, territorial and government agencies on people operating commercial vehicles. SambaSafety then disseminates that information to its end customers, who use the data to make personnel decisions.
SambaSafety operates in AWS, and it must make sure personal records, like driver’s license numbers and motor vehicle records, are secure and encrypted from point A to point B. SambaSafety uses Cohesive Networks’ VNS3 and VNS3:ha software to do just that.
The value of secure data
For companies like SambaSafety, Cohesive Networks provides a kind of insurance against costly data breaches.
The 2016 Ponemon Institute Cost of Data Breach Study states that the average cost of a breach was about $3.8 million, and high-profile breaches, like the one Target experienced in 2013, can cost as much as $162 million.
According to the Rightscale 2016 State of the Cloud Survey, more than 95 percent of organizations use cloud computing. As applications—including customer relationship management, enterprise resource planning and database systems—move to the cloud, the critical data they hold is moving outside traditional data centers.
“When I mention critical data, I don’t just mean credit card details or social security numbers, but any bit of information that’s important to run your business,” Kerpan says. “For retailers, that is credit card data, plus supply chain details, customer loyalty trends or upcoming product announcements. For organizations in all industries, losing critical data costs money, time and loss of customer confidence.”
As data sprawls, Kerpan says, organizations need to assume their data is in danger and to better secure data as it travels across networks and lives in shared environments.
“As more enterprises use the cloud to grow their businesses, security should focus on preventing data breaches and vulnerabilities, not building a better data center,” Kerpan says. “Because cloud providers own and secure the hardware, modern security-focused organizations should focus on encryption and security for each application.”
Often, simply meeting regulatory checklists is not enough—Target was in compliance with the Payment Card Industry’s (PCI) checklists when it was hacked. PCI compliance, HIPAA (Health Insurance Portability and Accountability Act) data privacy requirements and European Union data privacy laws have different rules, but they all get at the same thing: protecting personal details.
“Rather than simply avoiding liability, organizations need to refocus on securing critical data everywhere,” Kerpan says. “Organizations of all sizes and industries should assess their current cybersecurity capabilities and constantly improve and maintain security.”
Layering additional security on AWS
One of Cohesive Networks’ clients, Geezeo—a software services provider for banks and credit unions—has firsthand experience in this area. Geezeo has operated in AWS since 2009, and because it works in the highly regulated financial services industry, its products and connections must be very secure.
Geezeo initially considered building its own traditional data centers, with physical Cisco networking devices, but quickly realized this system was eating into its profits. Geezeo decided to transition to the cloud and worked with Cohesive Networks to build its own private network on top of Amazon’s infrastructure.
Geezeo used VNS3 to secure connections between cloud-based applications and customers’ data centers and to gain insight and control into that traffic. Now, Geezeo’s Chief Technology Officer James Elwood says the company can “manage all of the connections from a single control point and offer reliable, manageable and secure [data transport].”
Today, Geezeo has more than 240 customers, and it brags of no major data outages since partnering with Cohesive Networks.
“From our experience,” Kerpan says, “re-focusing security at the application layer means our customers have attestable control of their data. They know their applications are safe in the cloud, in data centers and as they travel across the public internet.”
Showcase your feature on your website with a custom “As Featured in Toggle” badge that links directly to your article!
Copy and paste this script into your page coding (ideally right before the closing