Leveraging the Cloud for Security
Considering recent gaming industry cybersecurity incidents occurring in our market, I’ve been reflecting on how these incidents could have occurred, how they were able to impact the enterprises so completely, and what could have been done differently to mitigate these risks. For me, the answer continues to be leveraging cloud services.
Most gaming organizations manage most of their technology infrastructure on-premises. This approach presents a much greater risk to both security and business continuity. In most cases, on-premise solutions are all managed on the same network or on peered corporate networks, meaning that when a security incident occurs, all systems can go down at the same time.
I have been of the opinion for several years that it is increasingly becoming irresponsible to host your own infrastructure. The threat landscape is too complex for organizations that are not 100% focused on securing infrastructure as their core business focus and competency. Microsoft has 8,500 of the world’s top security professionals who wake up every day with a singular goal of keeping Azure safe. Amazon Web Services (AWS) invests similarly, and both organizations spend billions annually on securing their cloud environments.
Conversely, most gaming organizations with servers on-site have outdated equipment and backlogs of updates to make. Lacking both resources and specialized expertise, they find it challenging to keep pace with the rapid advancements in networking technology – such as firewalls, routers, and switches – thereby leaving themselves vulnerable to security threats. Put simply, if your core competency as an organization is not hosted infrastructure as a service, then I argue that you should not be hosting your own infrastructure in today’s fast-evolving tech landscape.
Early in my career as a software engineer, the opinion was always “on-premise is more secure, cloud is more convenient.” That wasn’t actually true then, but it is especially not the case any longer. Cloud environments are far more secure, have higher investments in security infrastructure, have the best engineers in the world securing their environments, and represent an extremely hard target to malicious hackers, especially in the context of gaming industry cybersecurity.
To explore this critical issue, I’ll break it down into 3 areas that detail why transitioning to the cloud is imperative: better technology, better engineers, and better architecture.
Cloud providers have access to the best, leading-edge security hardware and software because delivering highly secure, highly scalable infrastructure as a service is their core competency as an organization. They invest more heavily in security solutions, upgrade and maintain those solutions more frequently, and experiment with cutting-edge technology in the security sector at a rate far greater than any organization that is not a cloud provider possibly could.
Think about your own environments. How many servers do you have that need upgrades, but that work is on the backlog? When was the last time you purchased new firewalls, routers, switches, and other networking infrastructure, and even if that was recently, how long did it take you to get that installed and configured? For most organizations, that answer is going to be 10+ years ago. The average LAN infrastructure is kept for 10 years, which means most organizations are running firewalls, routers, and other network infrastructure that was built in 2013. There have been substantial changes in the hardware used to secure enterprise infrastructure and the threats that those enterprises face in the last 10 years. Enterprises simply cannot rotate their infrastructure at a rate that keeps up with technological advances and the threats they face.
In the cloud, best-in-class software and hardware for protecting your environment are available through automation as well. If you want to turn on a Web Application Firewall that filters for OWASP Top 10 vulnerabilities, it's as easy as checking a box when creating a load balancer. Want to deploy the latest Intrusion Detection and Prevention software to inspect every packet of data coming into your environment? It can be done in an hour or two.
Additionally, with cloud platforms, you get physical security measures out of the box that go far beyond the capabilities of most enterprises. These measures include fully manned CCTV monitoring, Intrusion Detection systems with automated alerting, 24x7 manned entry control points with scanning systems, physical access request governance, monitoring and logging systems, surveillance and detection systems, and the list goes on. How does physical security at your server room look compared to that? Would you know if someone carried a USB device into your server room?
With best-in-class security hardware and software, and best-in-class physical security, the cloud environment is safer than most, if not all, enterprise environments, particularly in the realm of gaming industry cybersecurity.
As most of us in the technology space know, having great hardware and software to secure environments is only valuable if you have great people managing those resources. Cloud providers have the resources to hire the best security and networking engineers out there, and the most talented engineers in that space go to the cloud providers because they are solving the biggest problems in that space.
Early in my career as a software engineer, I worked at a higher-education company that owned and operated 2 different universities. Software was a cost center for this organization, and I quickly became frustrated by the lack of resources, training, and attention given to the engineering department, and ultimately decided to move on to work at a company whose core competency was enterprise software development. Network and security engineers do the same thing. They want to work somewhere where the company’s focus (and therefore resources) is security so they can do their best work.
Cloud providers not only hire the best engineers out there, they hire more of them. On a recent call I had with our cloud provider, they told me “Every morning 8,500 people wake up with the sole purpose of keeping our cloud secure.” A quick search will tell you that the average salary of a security engineer at a major cloud provider is roughly $240,000, meaning they are investing just under $2B annually for personnel to secure their environment. What is your organization's security budget?
One of the biggest security differentiators between cloud environments and on-premise solutions, especially in the context of gaming industry cybersecurity, is architecture. Not only do cloud architectures lend themselves towards horizontal elastic scalability, they tend to be newer systems leveraging capabilities that were not available 10 years ago and are extremely difficult to implement on-premise.
One example of this architecture is geographic distribution for high availability. Maintaining one properly secured and fully functional data center is a difficult task, and having multiple spread across many geographic regions is untenable for most organizations. The manpower to operate these systems, the complexities of keeping them secure, and the cost of duplicating the infrastructure to support multiple regions are barriers to entry for most organizations. All major cloud providers offer geographic distribution and high availability though.
Additionally, as a part of geographic distribution, you need to be able to support multiple write regions on your data tier. Keeping data synchronized across multiple regions is a challenging task, and often organizations punt on these requirements and simply do offsite backups or read replicas. This solution is laughable compared to truly highly available cloud solutions.
At Kinectify, our platform spans multiple availability zones in multiple regions. What that means is, each region of our cloud provider has multiple data centers that make up that region. We deploy our solution to each of the data centers in our primary region and deploy across multiple regions. No less than 6 data centers are hosting our platform at any time, and the likelihood of all 6 of those regions going down is very low. This would be an impossible architecture to replicate on-premise.
In addition to spanning multiple regions and availability zones, cloud architected solutions are often more highly segregated than on-premise solutions. Development networks are not connected to production networks, productivity suites are not hosted on the same networks as information systems, etc. This segregation means, even in the event of catastrophic incidents, some (even most) systems remain available and uncompromised.
On the flip side of the conversation, on-premise solutions, even with high-availability architectures, often represent a much greater risk due to the same centralization that used to concern people with the cloud. In most cases, on-premise solutions are all hosted on the same network, or on peered corporate networks. When a security incident occurs, this can impact all of the resources that the organization hosts, often at the same time. For example, should a ransomware attack occur, it will quickly spread to all of the servers hosted in your data center, including your office productivity systems (email, internal chat, document sharing, etc.), your information systems (player data management systems, booking and reservation systems, payment systems, etc.), and your casino systems (Title 31 solutions, CMSs, etc.), and essentially bring your entire infrastructure to a halt.
The recent gaming industry cybersecurity events that have occurred over the last couple of weeks serve as a stark wake-up call for all stakeholders responsible for the systems that operate their organizational infrastructure. They highlight the vulnerabilities caused by legacy systems hosted in legacy ways. While cloud-based systems can certainly be vulnerable to these types of attacks as well, the tools we have in the cloud to detect and prevent them are far greater than the tools we can ever hope to have on-premise.
In today’s complex and ever-evolving threat landscape, the question is not whether cloud-based solutions are infallible, but rather which approach equips us with the most robust set of tools to combat these risks. If your organization’s core competency isn’t in managing and securing hosted infrastructure, the cloud is not an option; it’s an imperative. The stakes are too high, and the risks too great, to do otherwise.
By leveraging the cloud, we’re not just adopting new technology; we’re aligning ourselves with a paradigm that prioritizes security, scalability, and operational excellence. And in a world where cyber threats are not a matter of “if” but “when”, that’s a paradigm we can’t afford to ignore.
Kinectify is an AML risk management technology company serving gaming operators both in the US and Canada. Our modern AML platform seamlessly integrates all of the organization's data into a single view and workflow empowering gaming companies to efficiently manage risk across their enterprise. In addition, Kinectify's advisory services enhance gaming operators' capacity with industry experts who can design and test programs, meet compliance deadlines, and even provide outsource services for the day-to-day administration of compliance programs.