Following the recent SolarWinds and Microsoft Exchange hacks that rocked the IT world, Dell Technologies founder and CEO Michael Dell says the public cloud is no more or less secure than on-premise solutions.
“Public cloud is no more or less secured than on-premise,” said Dell, who runs the world’s largest IT infrastructure company which just recorded a record high of $94.2 billion in revenues for fiscal year 2021. “The reason is that security is about people, and people on both sides can make mistakes and compromise security.”
Dell told CRN US that an organisation can implement the best cybersecurity practices to create a highly secure network. “But, the things that led to a lot of these attacks are human-induced that can occur in a public cloud, can occur in a private cloud – it can occur anywhere,” he said.
Dell’s view is in contrast to Microsoft, who’s Microsoft Exchange Server was recently attacked by Chinese hackers and others. Last month, the software giant released a blog post regarding security concerns stemming from the SolarWinds hack, where the Russian foreign intelligence service took advantage of Microsoft’s technology to broaden their access and persistence in victim systems.
“We were also reminded of the importance of cloud technology over on-premises software,” said Vasu Jakkal, Microsoft’s corporate vice president of security, compliance and identity. “Cloud technologies like Microsoft 365, Azure and the additional premium layers of services available as part of these solutions improve a defender’s ability to protect their own environment.”
All 60 of the Microsoft customers who were attacked through the malicious SolarWinds Orion backdoor had their networks penetrated on-premise, meaning in an on-site server room in their building or on their networks, Microsoft President Brad Smith said 26 February when testifying before the U.S. House of Representatives. Not one of the hacks of Microsoft customers took place in the cloud, Smith said.
Since all these intrusions took place on-premise, Smith said the victims are therefore in possession of the relevant logs, not Microsoft. Once the hackers were in the victim’s network, Smith said one of the things they did was look for the keys or the passwords to get into Microsoft’s cloud services so that they could access victim emails or documents. “Once we did that, we were able to see them,” he said. “Because we scan the [cloud] services that we run every day, with a specific eye towards particular threats. We have a threat intelligence centre that does that. So in each of the 60 instances where there were Microsoft customers that were victims, we identified that they were the victim and we notified them.”
Similarly, the massive Microsoft Exchange server hack Microsoft disclosed 2 March has affected only on-premise versions of Exchange and not Exchange Online or the cloud-based Office 365 email service. Some 30,000 U.S. organizations and 60,000 organizations globally have had emails stolen as a result of the breach since they were still running on-premise versions of Exchange, according to media reports.
FireEye CEO Kevin Mandia agreed with Smith’s assessment, telling the U.S. House of Representatives Feb. 26 that the cloud is one of the rare times in history where something costs less and is better. Specifically, he said infrastructure is more secure in the cloud than on-premise since it’s the responsibility of the public cloud providers to secure the infrastructure.
“You should get better visibility and better controls in the cloud,” Mandia said during his testimony. “And the reason why is you’re putting all your decentralized IP and value into one place. It’s easier to monitor it, and it’s easier to safeguard it. You don’t have distributed security controls at this point.”
However, some solution providers say having on-premise best-of-breed security technologies has been more effective for their customers security, while large cloud provides are also a much bigger target for hackers.
Rob Steele, chief technology officer at Sanford, Fla.-based solution provider SkyHive, said there’s a misconception in the market that somehow the public cloud is better secured than on-premise or hybrid environments.
“The common misconception and sometimes wrongful selling point is that public cloud is ‘more secure’ than on-prem. This usually leads to lighter security practices as compared to typical approaches in the enterprise,” said Steele. “The same security practices should be applied anywhere and everywhere data and applications live.”
Steele said people and employees will always make or break security, especially in the new hyper connected world and remote workforces of today. “Companies need to deploy solutions with intrinsic security and automated checks to help reduce human error or negligence wherever their data may live.”
Michael Dell, who is also the chairman of VMware, says Dell Technologies is focusing on creating intrinsic security with its own cybersecurity products alongside tight technology partnerships with the likes of VMware and Carbon Black, which VMware acquired in 2019.
“All the focus we have on intrinsic security with the work we’re doing with our alliance with VMware, with Carbon Black, inside [VMware] NSX as we virtualize the network providing more security through segmentation – these are all significant elements of providing customer with a highly secure environment,” said Dell. “But make no mistake, it’s a multi-cloud environment. So customers aren’t saying, ‘Oh it’s the public cloud or the private cloud.’ It’s both. Now it’s multiple public clouds, it’s the private cloud, its colocation, and now of course you have edge.”