The Security of Cloud Services and SaaS, Part 2

In Part 2 of this series, let’s take a look at the Technology Secured at Scale of cloud computing and the security benefits of centralised SaaS computing.

Daniel Ayala will be posting articles about information security, privacy and compliance in our blog. Throughout his 25 year career, he has led security and privacy organisations in banking and financial services, pharmaceutical, information, higher education, research and library organisations around the world, and both writes and speaks regularly on the topics of security, privacy, data ethics, and compliance. He also happens to be LabArchives Chief Information Security Officer!

Part 2: Technology Secured at Scale

Greetings LabArchives Reader,

Security & Monitoring

There’s a significant benefit to having a single entry point into your network; you can see all the traffic going in and out. One can detect attacks and respond quickly to what is identified as malicious. Coupled with information sharing amongst companies about the types of attacks that each saw and the use of automated blocking tools, this model served us well from a security perspective for nearly 30 years.

With the entrance of the most widely-used enterprise SaaS systems such as Office 365, Google Workspaces, ServiceNow and Workdays, the gravitational centre of the enterprise began its shift out of the local data centre. Layer on a more mobile workforce, working from laptops, phones and tablets, and the expectation that a device would be visible to the internal corporate or university network could no longer be guaranteed, and with it went the ability to have a single security visibility point or choke point. Google chronicled this new operational model as BeyondCorp, and a monumental change in securing applications, data and devices began.

With this shift away from the central, internal network, a new aggregation point for security intelligence arose: the cloud service provider. According to a recent Canalys research report, the three top cloud hosting providers, AWS (32%), Microsoft Azure (19%), and Google Cloud (7%), now account for well over half of all cloud hosting globally. This trend means that there is a new aggregation point for monitoring and intelligence on attacks. It is a view more comprehensive than any one enterprise reconnaissance or threat intelligence efforts could achieve.

The benefit of scale and gravity also extends to security research and development and staff expertise. Major cloud providers have an incentive to build secure infrastructure and keep it secure as that is the whole of their business. Investments in new security techniques and technologies are core for them. They can often invest more significant amounts and make more progress on securing their environments because it is their business; contrast this with the sometimes-held idea that security is a cost for organisations rather than an investment, enabler, or even a competitive advantage.

Also, when security innovations are added into these cloud services, they can be quickly adopted by all the many applications built upon that cloud provider’s offering, thus improving the overall security of the Internet without cost to or requiring significant effort by the hosted organisations themselves. The most basic premise that continuous improvement in security by major hosting services and the following quick adoption by cloud SaaS companies is a hallmark of the essential security benefit that comes with cloud services.

Latest Blog Posts

The NIH 2023 DMP requirement encourages researchers to proactively plan for data sharing, with the expectation that data sharing will become an integral part of regular research conduct. In this article, we provide an overview on data repositories and how to identify compliant repositories that are most suitable for the data you are expected to share.
The NIH 2023 DMP requirement encourages researchers to proactively plan for data sharing, with the expectation that data sharing will become an integral part of regular research conduct. In this article, we summarize the types of the data you should expect to share and best practices that you should start familiarizing yourself with to be best prepared.
Adopting a modern electronic laboratory notebook (ELN) like LabArchives to support best practices in data management, lab connectivity, collaboration and research reproducibility can help position institutions for a successful REF 2029 review.
The purpose of this document is to outline the key components of the NIH 2023 Data Management and Sharing (DMS) policy

Get started with LabArchives today

Start for free and upgrade as your team grows