Sixty percent of corporate data is now stored in the cloud according to research published by Statista Inc. This figure represents a steady rise from 30% in 2015 and is expected to continue to grow. Mirroring this adoption, the cloud storage market is expected to grow at a 24% compound annual growth rate to reach $376.37 billion by 2029.
Amazon Web Services Inc.’s Simple Storage Service, better known as S3, now holds over 200 trillion objects. Tens of thousands of companies use the service, which is known for its nine nines durability. But object durability and data security are two different things. Cloud storage is infamously easy to misconfigure, and recent research showed that 90% or more of S3 buckets are vulnerable to exploitation. Companies need to make sure data is protected, but security teams are battling against the speed required in DevOps pipelines and too often the complexity of securing data means that speed wins the fight.
“This notion of offering simple integrations without slowing down the process, that’s the key factor here [and] is what we’ve been after,” said Ed Casmer (pictured), founder and chief executive officer of Cloud Storage Security. “We are about simplifying the cloud experience to protect your storage.”
Casmer spoke with theCUBE industry analyst John Furrier in advance of the “Cybersecurity — Detect and Protect Against Threats” event, an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio, airing on Sept. 7. They discussed securing data in modern cloud storage environments. (* Disclosure below.)
Fixing the cloud storage security blind spot
Cloud Storage Security (CSS) is a company that does what it says on the box. Differentiating from the crowded market of cloud security solutions, CSS moved in to fill an important niche that was being forgotten.
“When it comes to the data, everyone thinks, ‘Oh, I’ve blocked access. I’ve used firewalls. I’ve used policies on the data,’ but they don’t think about the data itself,” said Casmer, describing the “blind spot” many companies have when it comes to securing data once it is ready to be consumed. “If you’re not ensuring that that data is safe, then you’re in big trouble. We’ve seen it over and over again.”
The company is a “pandemic story,” as it launched in February 2020, right before the world went remote and data took hold as the definer of digital era success.
“What’s been happening now, and you see it with the move to cloud especially over the on-prem storage sources, is people are starting to put more data to work and they’re figuring out how to get the value out of it,” said Casmer, quoting a study by the University of Texas that found that a 10% increase in data usability would translate to $2.87 million in additional annual income for the average Fortune 1000 company.
Cloud Storage Security set out to protect object storage, specifically S3 ,which the company saw as vulnerable, with its lightweight, highly scalable solution.
“Amazon has the notion of access, and that is how they protect the data today, but not the packets themselves, not the underlying data,” Casmer stated.
CSS ensures the data is clean and that owners have awareness of what their data is and the types and locations of files they have out in the cloud, “especially as they drift outside of the normal platforms that you’re used to,” he added.
Misconfigurations where companies are accidentally exposing write permissions are a “worst case scenario,” according to Casmer. He described a recent incident where a major API vendor unknowingly opened writes to their buckets. Of course, the vulnerability was exploited by criminals who added malicious code to the company’s APIs. This was then unwittingly downloaded and consumed by the vendors’ customers.
More moving data requires more complex cloud storage security
Expanding out from the original notion of confirming configurations and verifying that data is safe for consumption, CSS now offers protection for both objects and files in cloud storage, allowing companies to detect and manage malware and other threats within their cloud-native workloads.
“At this point, we’ve scanned billions of files for customers and petabytes of data and we’re seeing that it’s such a critical piece to that to make sure that the data’s safe,” Casmer stated.
As data becomes currency, companies are sourcing data resources from different locations to feed machine learning models and increase the accuracy of insights. Often these companies process these data sets and redistribute them to others. A common scenario where this happens is through data ingestion pipelines, according to Casmer. Another is when a critical piece of data is moved around, as with healthcare records, pharmaceutical research and financial information. At this level, data safety is not just about correct configurations and checking for malicious content.
“You have complete coverage and control and awareness over all of your data,” Casmer said.
CSS’ highly scalable serverless solution is designed to provide this level of data oversight. It is built on AWS Fargate containers and provides native integrations through either S3 or APIs.
“When we deploy our solution, we provide a management console for [users] that runs inside their own accounts,” Casmer explained. “So no metadata or anything has to come out of it, and it’s all push button, click. And because the cloud makes it scalable, because cloud offers infrastructure as code, we can take advantage of that.”
CSS also makes sure that companies are complying with data governance and regulatory statutes. By scanning close to the data and in the customer’s account, CSS enables the company to retain its chain of custody.
“It really makes it a piece of cake, as silly as that sounds,” Casmer said. “When they say go protect data in the Ireland region, they push a button, we stand up a stack right there in the Ireland region and scan and protect their data right there. If they say we need to be in GovCloud and operate in GovCloud East, there you go — push the button and you can behave in GovCloud East as well.”
Looking to the future, Casmer predicts that “all of the cloud storage platforms, Amazon WorkDocs, EFS, FSX, EBS, S3, will all come together.” Aiming to meet that future, CSS is evolving its solution to meet “all the storage needs,” according to Casmer. “That’s our goal right now and where we’re working towards,” he said.
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s pre-event coverage of the “Cybersecurity — Detect and Protect Against Threats” event:
(* Disclosure: Cloud Storage Security sponsored this segment of theCUBE. Neither CSS nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.