Trends for IT security in 2022

The company ownCloud, a specialist for digitally sovereign and secure data storage, sees five central trends for IT security coming our way in the next year. With them, companies and authorities are responding to new challenges and old familiar threats.

1. Companies are rethinking their cloud strategies in terms of digital sovereignty. More and more organizations want to regain their digital sovereignty. That is why they are looking for alternative solutions to the public cloud, especially for software that stores and processes personal data. There is a demand for solutions that can be operated in private cloud environments without compromising user-friendliness and functionality - whether in the organization's own data center or with trusted and certified European service providers.
2. Open standard procedures simplify user authentication. Companies have been using single sign-on and multifactor authentication to authenticate their employees for some time now. Instead of in-house developments, they will increasingly rely on established open standard processes in the future to make their work easier. These include the Open ID Connect standard, which enables an uncomplicated connection to external identity providers such as Keycloak, Ping Federate, ADFS, Azure AD or Kopano Konnect.
3. Organizations are also increasingly encrypting "data at rest." In response to rising security threats and increasing mobile and remote working, more and more companies are adopting zero-trust approaches. In doing so, they are now increasingly restricting the access of their administrators by encrypting data not only on its transmission paths, but also in its stored state on their servers. Access by administrators can be prevented with procedures that store master keys in a hardware security module.
4. Audit solutions support IT security at the application level. An important component of zero-trust approaches is also threat defense at the application level. Companies will increasingly rely on audit trails for this purpose. To enable comprehensive auditing, many applications now record all data accesses and actions. These logs also form an ideal basis for comprehensive monitoring. This is even more true if they can be transferred to professional SIEM solutions that can detect potentially dangerous patterns with machine learning algorithms. 
5. Companies position file sharing against ransomware. In the fight against the growing threat of ransomware, organizations will increasingly rely on file-sharing solutions. After all, the centralized data storage of these systems makes them the ideal platform for defending against such attacks. For example, they can prevent the upload of files with ransomware-typical extensions, automatically block user accounts affected by conspicuous file changes, or reset affected files to their state immediately before the attack.

"In view of the unabated growth in threats, the topics of data protection and security are becoming even more explosive," says Klaas Freitag, CTO at ownCloud. "Companies are also taking unusual approaches and, for example, using systems that do not originate from the actual IT security environment, but whose specific strengths can offer particularly good protection against ransomware attacks.

Source: ownCloud