Adoption of cloud services continues to grow among enterprises worldwide for strategic and tactical benefits. A few years ago, the cloud was an interesting concept that most organizations were wary of; today, nearly every organization has migrated a portion of its IT infrastructure into a cloud model. Gartner estimates that the worldwide public cloud services market will reach $246.8 billion in 2017, growing 18% since 2016.
However, security remains one of the top concerns for organizations in the cloud. According to reports by Gartner, IDC and Goldman Sachs, 74.6% of organizations ranked security as significant or very significant among the various challenges and issues ascribed to a cloud/‘on-demand’ model for IT infrastructure.
An increasingly mobile workforce, an ever-expanding enterprise perimeter and business drivers for an extended enterprise ecosystem are forcing enterprises to consider moving their core applications and business processes into a cloud-based infrastructure. However, the convenience of scale and cost savings that the cloud offers also come with an added element of cyber risk.
As cyberattacks become more and more sophisticated and inexpensive to execute, the security risk of moving to the cloud becomes more pertinent. In addition, existing solutions available in the market employ conventional perimeter-based defense techniques of cybersecurity, which may not be as effective in securing data in a cloud-based infrastructure.
Protecting a virtualized environment like the cloud requires a security approach that is itself virtualized. Unlike traditional cybersecurity solutions, a Software Defined Perimeter (SDP) architecture integrates the principles of device authentication, identity-based access and dynamically provisioned connectivity to offer higher resilience against network attacks. Adopting a security model based on the SDP architecture makes it possible for organizations to protect their cloud servers from all kinds of network attacks, including DDoS, Man-in-the-Middle (MitM), Server Query (OWASP Top 10) as well as Advanced Persistent Threats (APTs).
However, as cybercriminals employ more sophisticated techniques to launch attacks against enterprises, the need of the hour is a future-proof cybersecurity approach that can protect enterprises’ critical infrastructure in the cloud not just from present-day cyberattacks, but work just as effectively in the future as well. Blockchain technology offers a much-needed solution to protect against next-generation cyberattacks.
A Blockchain Defined Perimeter (BDP) leverages an enhanced SDP architecture, along with blockchain, TLS and SDN technologies, to ring-fence an enterprise’s cloud servers and allow only authenticated users to gain access to data stored in these cloud servers. At the same time, the BDP also harnesses blockchain-based digital signatures to identify and authenticate authorized users and devices, and give them access to data stored in these cloud servers.
The concept of the BDP merges the benefits of the SDP, such as giving centralized control to authorized users via a secure medium, with the benefits of blockchain technology, such as decentralization, cryptographic encryption, immutability and consensus-based control. The resulting architecture offers organizations an opportunity to tackle current as well as future cybersecurity challenges in a smarter, faster and distinctly more effective manner.
Using the BDP, organizations can secure critical information in the cloud, offer cryptographically secure digital identity and access management, and render their cloud servers locked down and invisible. This approach makes it nearly impossible for hackers to detect and launch attacks against enterprises’ cloud-based infrastructure, and provides best-in-class encryption for secure access. In addition, it enables organizations to maintain immutable and tamper-proof logs and records on the blockchain about access to data in the cloud.