The absence of tools specifically designed for identifying and securing cloud-based storage has resulted in vulnerabilities in data protection. Consequently, a significant number of organizations face attacks, with nearly half experiencing such attacks on a regular basis — daily, weekly or monthly, according to a recent report from Cloud Storage Security.

Setting up and securing the cloud involves dealing with both technological aspects, which include implementing automation and utilizing tools. With such gaps present in the cloud security space, users may rightly ask what they can do to solve the issue and protect their data, their business and the integrity of their customers, according to Ed Casmer, founder and chief technology officer of Cloud Storage Security, a company dedicated to solving the security and compliance challenges surrounding data storage in the cloud.

“We saw that there weren’t cloud-native tools out there solving the simple task of identifying your storage and securing your storage,” Casmer said. “We really came to market thinking about how we can help you answer the questions: Is my data safe to use? Is it not too sensitive to share? And do I know exactly what I have and where it is?”

Casmer spoke with theCUBE industry analyst Lisa Martin, during a CUBE Conversation ahead of the “Cybersecurity” AWS Startup Showcase event on September 14, an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed data security in the cloud and marketplace solutions that can help companies secure their data in the cloud and defend against ransomware and other threats. (* Disclosure below.)

Cleaning your data

Cloud storage security is crucial for organizations, as it helps mitigate the threats of ransomware, malware and data loss by offering visibility and control over their data, hence the company’s name. Within AWS storage services, ensuring data security and protection is a priority. The integration with the AWS Transfer Family plays a role in safeguarding file transfers and eliminating any associated risks for organizations, according to Casmer.

“We started at the data itself. Is it clean? So, we scan it for malware. There’s no real good native solutions out there for that,” Casmer said. “Is it sensitive? We do classification on that. So, we build on the data and now we add layers on top of that to then say, ‘OK, we’ve got potentially dirty data, potentially sensitive data. Let’s check the configuration of it.’”

Knowing the visibility and hygiene of your data — including its location, type, age and access frequency — is crucial when building a safe environment. Maintaining data hygiene requires conducting evaluations and eliminating any unnecessary data to adhere to regulatory requirements, according to Casmer. Additionally, it is crucial to consider the risks associated with misconfiguration, unintentional public access and unauthorized handling of data.

“The notion of being able to scan for malware and classify the data as it comes in through that standard protocol that people have been using for decades was a big thing,” Casmer said. “We intentionally did that integration, put it together, and now you can ensure that the transfer of the file is secure, but also the endpoint — you know exactly what’s going on in that data.”

Securing data across all endpoints

The concern of data trust and security arises when dealing with a distributed workforce and third-party businesses, as there is no control over where the data is coming from. For this reason, it’s important to have a structured and layered approach to ensure the safety of data, regardless of its flow and endpoints, according to Casmer.

“We’ve tried to create an enterprise management solution here that gives you visibility and control in a very simple form,” he said. “It’s highly scalable, and we’ll look at all of your data everywhere it is and report back to you on what you have and then give you the ability to really add point-and-click protection.”

AWS storage includes various services, such as S3, WorkDocs, Elastic File System and Elastic Block Storage, with the goal of covering all unstructured data and expanding to include structured data in the future. Relational Database Service types focus on simplicity, visibility and control. Cloud Storage Security offers free trials and support to help organizations protect against malware and ransomware in cloud storage, on the other hand.

“The goal is to continue to look at that and continue to expand. So, what is beyond unstructured data? Well, it really becomes the conversation around structured data. It’s this notion of OK, let’s go and evaluate the same types of mechanisms around your structured data,” Casmer concluded.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s pre-event coverage of the “Cybersecurity” AWS Startup Showcase event.

(* Disclosure: Cloud Storage Security sponsored this segment of theCUBE. Neither Cloud Storage Security nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE