By Kevin White
In today's growing market, we are seeing customers of all sizes migrate to the cloud for a variety of reasons. The cloud is certainly showing its value in the market, from the small developer looking for a free, disposable, or cost efficient server to large corporate customers looking to optimize IT agility and expenses.
Unfortunately, whether it's cloud or traditional managed services, many clients opt for nothing more than an anti-virus application and perhaps a firewall to cover their information security compliance requirements. However, as attacks grow more sophisticated and Advanced Persistent Threats (APT) grow more prevalent, using nothing but anti-virus and a firewall can leave gaps in your security profile, exposing you and your customers to unnecessary risks.
To get an idea of the risks you might face, consider this article - MySQL servers hijacked with malware to perform DDoS attacks. In this case, the attacker was able to upload a Trojan Horse application directly into a database, most likely through a SQL injection. An Intrusion Prevention System (IPS), unlike an anti-virus application, would have detected the SQL injection attempt and blocked it at the web interface. However, because the system was inadequately protected, the attacker slipped the Trojan Horse past...