Securing Public and Private Cloud Application Services to Close Attack Launching Points

Cloud application services are great for any business, but things can go bad very quickly when cloud applications are compromised and used as attack launching points. It is crucial for businesses that fall under the PCI regulatory umbrella to head off these attacks and protect data that is shared to cloud applications. Champion works with financial organizations to identify security issues and implement security improvements for cloud application services, all while ensuring the services align with the institution’s overall security posture.

Cloud Applications Are Under Attack

According to a “state of the internet” report by Akamai, a major player in the Content Delivery Network services sector, there has been a large jump in the number of attacks initiated against cloud-based resources. Akamai also reported that roughly 60% of DDoS attacks were launched as multi-vector or distributed attacks, making the defense of cloud-based applications and data an increasingly difficult task. This shows in the reported 26% increase in attacks against cloud-based applications.

For both public and private cloud-based applications, the biggest challenge comes from DDoS attacks. This includes the compromise of one or more cloud-based applications with bots that can then be used to initiate multi-vector or distributed attacks against a target company.

As the financial industry marches toward deeper and more reliant relationships with cloud-based application services, the security emphasis for 2017 must include a viable and multilayered solution that addresses both a financial institution’s cloud-based applications and its internally staged applications. And while cloud security is a newer concept in the financial world, it must be considered in any security posture. It is important to note that, cloud or not, any application that a business runs will have vulnerabilities, and these vulnerabilities will need to be addressed promptly and comprehensively.

Adding Layers to the Security Onion

When working with a financial organization to further secure its private and public cloud applications, it is important to keep the process simple as well as all-encompassing. Here are three primary focus points, which can be expanded or adapted as they apply to a client’s particular business needs:

1) Know what the ultimate security posture goals are and how they meet or exceed an organization’s regulatory and customer obligations

For example, there are varying levels of PCI DSS compliance, so a financial organization that needs to adhere to Level 3 PCI compliance will have different needs than an organization that needs to meet Level 1 PCI compliance requirements. This includes discovery into how compliance regulations apply to cloud applications and any data used by these applications.

One misstep I often see in this area occurs when an organization moves an application from physical infrastructure to the cloud and then sees the application as no longer needing to meet PCI compliance because of the move. This is simply not true; any application that is subject to regulatory compliance will always be subject to regulatory compliance, regardless of whether it is physical, in the cloud, or both. Another potential issue I see far too often, mostly in the public and hybrid cloud space, is a lack of understanding regarding the security model for shared applications. Although most cloud services will handle the security and patching of the application infrastructure, the business is typically responsible for application-level security, such as access accounts and application layer security functions. This can vary greatly from business to business, so it is important to have these security aspects of any cloud-based services well documented and drawn out as concisely as possible.

2) There will need to be a change in your data, infrastructure, and cloud security policies

If a business is new to the cloud, it typically becomes necessary to recreate the organization’s security posture. This becomes especially important for those financial institutions that move transactional data into the cloud or some other form of dynamic, always-in-motion cloud data.

3) You must treat your cloud-based applications and services as if they were on your network

This applies regardless of how much, or how little, involvement you have in managing the overall application. In taking the “I own it” approach, you not only ensure that your organization’s security policies are being applied and followed, but also ensure that financial organizations maintain the upper hand in security management of these systems as well as during regulatory audits.

You Will Want Help

Champion works with those in the financial industry to instill and maintain a high level of security when cloud-based application services appear on a business’s horizon. We work with you to engineer and implement a multi-layered solution that addresses the security needs of your private, public or hybrid cloud application services. We work with you to align your cloud needs with an industry-leading host, such as Microsoft’s Azure Cloud Services, while bringing top-notch multilayered tools like QRadar and Carbon Black into the fold to harden your environment.



