A web application firewall (WAF) should be a critical cybersecurity tool for data storage and backup professionals. Many storage and backup applications are cloud-based or delivered as software-as-a-service (SaaS). Hence, they are more vulnerable than to cyberattack.
The last thing an organization wants is key data sitting in its various storage repositories compromised, its backup systems corrupted, and its storage and backup systems used to infiltrate other areas of the enterprise. Here are some of the top trends in the web application firewall category to help storage pros:
1. Protecting Cloud Storage
A web application firewall is typically used to protect web applications from malicious attacks. It is not specifically designed for storage or backup services.
Vendors that implement web-based storage or backup service could improve security by incorporating a WAF to protect the user interface and HTTP-based storage access APIs.
“In other words, WAF would protect the web application front end of the storage or backup service and would not be responsible for protecting the actual storage and backup infrastructure and the data stored or backed up by the service,” said Doron Pinhas, CTO, Continuity.
Further levels of protection are needed.
See more: 5 Top Cloud Storage Security Trends
2. Include Regular Firewalls to Protect Cloud Storage
Web application firewalls, then, only protect certain aspects of cloud storage. They need to be supplemented with regular firewall capabilities.
Most cloud providers recommend using firewall filtering to regulate network access to storage services, such as Azure network security group (NSG), AWS Virtual Private Cloud (VPC), and Google Cloud firewall. All these firewall services facilitate configuration of rules that allow or deny traffic to data storage resources based on the source IP address, protocol, and port range, said Pinhas with Continuity. Additional related capabilities and best practices are provided by some of the cloud vendors.
“For example, Microsoft Azure storage firewall is offered to restrict access to the storage account to specific IP ranges or to specific Azure services,” Pinhas said.
3. Targeting Data
Robert Anderson Jr., chairman and CEO of Cyber Defense Labs, made it clear why such safeguards must be in place. Storage centers, he said, have been targeted a great deal over the last several years.
“Data is power, money, and leverage, so the bad guys go where the data is,” Anderson said.
Yet, many companies don’t understand why they are a target, as they don’t think they possess much in the way of valuable data. Anderson explained that they need to look past what they think and realize cybercriminals target the company’s employee health care and payment card industry (PCI) data as well as personally identifiable information (PII).
“Plan and talk about this as a leadership team way before it happens,” Anderson said. “This trend continues to grow, and the attacks are getting harder to spot, prevent, and remediate.”
4. Browsing Security Challenges
In just a few short years, the rise of digital transformation and hybrid work have transformed the web browser from a largely leisure-time application into the fundamental workplace productivity tool.
For the average enterprise employee today, the web browser functions more like a central operating system than just another application — serving as their primary gateway to the digital world of work.
As such, organizations are beginning to recognize the urgent need to secure and manage this layer in a more comprehensive fashion. This includes the securing of the many web-based storage and backup systems used in modern organizations.
“In 2023, we’ll see browsing security and management go from a secondary consideration to a central concern and point of security for organizations both large and small,” said Tal Dery, co-founder and CTO of the secure web browsing provider Red Access.
“Browsing security will become top priority for enterprises.”
5. Beware Ransomware
Roughly 68% of all global organizations have fallen victim to at least one ransomware infection, as of 2022. That figure will continue to rise in 2023.
But think for a moment about the implications for storage and backup systems. The whole point of ransomware is to lock you out of your data and prevent you from accessing what is contained in storage systems. Cybercriminals encrypt your data, rendering it unusable unless you pay up.
Similarly with backup, the cybercriminals either encrypt backup files, so you can’t open them — or they insert malware into backups, so when you carry out a restore after a ransomware incident, you end up just reinstalling the malware.
“The commodification of offensive hacking tools, sold primarily on the dark web, has dramatically reduced the barriers to entry into the ransomware business, and the promise of million-dollar paydays has encouraged new entrants in droves,” said Dery with Red Access.
“In 2023, watch out for the continued growth of double-extortion tactics, in which threat actors both encrypt and exfiltrate sensitive data, which they then sell for a second payday.”