Cloud security 2020 - protect yourself


Another year has come and gone. Everyone has New Year’s resolutions — including cybercriminals. It’s wishful thinking to hope that they’d all turn over a new leaf, since it’s more likely that they’ve resolved to hack harder and smarter than last year instead. With this in mind, we anticipate that they’ve made the cloud one of their primary targets, and that these are the vulnerabilities they’ll most likely take advantage of.
 

Cloud misconfigurations


We’re always advised never to put all our eggs in one basket. This applies to where we store and process our data as well. If, for instance, we use only one data center for storing all our data, we’ll lose everything if that data center is severely crippled by a natural or manmade disaster. Another example is having only one cloud service provider (CSP). If that CSP folds out of the blue, all the business processes it handles will be screwed up or come to a grinding halt until they are turned over to another provider.
 
Having multiple CSPs is therefore a wise thing to do, and many companies implement this strategy. The underlying infrastructures of the different clouds are secure in and of themselves, but troubles start when the cloud customer uses them individually or in tandem with one another. This is because the customer is responsible for properly setting up the following:
 
● Storage and compute settings
● Identity and access management (IAM) settings
● Threat analysis and defense systems
 
Storage and compute settings
Ironically, even cybersecurity service providers can suffer data breaches due to misconfigurations. One such vendor called Imperva had a misconfiguration that allowed hackers to extract customer information out of its very own Cloud Web Application Firewall product. As with many other companies before it, Imperva committed its mistake while scaling its services in a big and speedy way.
 
Tools are now available for automatically detecting cloud misconfigurations and alerting the proper IT specialist to fix these issues. Companies just have to take the extra effort to use these tools and secure their clouds, especially since hackers can develop similar implements to seek out and take advantage of cloud misconfigurations.
 
IAM settings
In theory, keeping tabs on a stakeholder’s role in your company and defining their access rights to cloud-based company apps and data are excellent ways to keep data safe from being leaked or stolen, especially when the principles of zero trust and least privilege are applied. However, in practice, IAM is very difficult to implement and manage because roles can change and relationships among individuals and teams are complex and dynamic.

Companies must invest in the latest tools to stay on top of IAM since control of it is very easy to lose. For instance, if the access rights of an employee who was fired or resigned aren’t immediately rescinded, then that employee might steal or alter company files if they’re feeling spiteful.
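An added example (not from the original article) of the kind of check this calls for: reconciling a list of departed staff against account exports from each cloud provider to find access that was never rescinded. The data and field names (`enabled`, `active_keys`, `last_used`, the provider labels) are constructed for illustration and do not match any specific provider's export format.

```python
from datetime import datetime

# Constructed sample data; field names are assumptions, not a real export format.
DEPARTURES = {  # user -> departure time recorded by HR
    "asmith": "2020-01-10T17:00:00+00:00",
    "bjones": "2020-01-12T17:00:00+00:00",
}
ACCOUNTS = [  # one row per user per cloud provider
    {"user": "asmith", "provider": "cloud-a", "enabled": False,
     "active_keys": 0, "last_used": "2020-01-09T08:00:00+00:00"},
    {"user": "asmith", "provider": "cloud-b", "enabled": True,
     "active_keys": 1, "last_used": "2020-01-14T02:13:00+00:00"},
    {"user": "bjones", "provider": "cloud-a", "enabled": False,
     "active_keys": 2, "last_used": "2020-01-11T09:30:00+00:00"},
    {"user": "cdoe", "provider": "cloud-a", "enabled": True,
     "active_keys": 1, "last_used": "2020-01-15T10:00:00+00:00"},
]


def find_orphaned_access(departures, accounts):
    """Return accounts of departed users that still hold usable access."""
    findings = []
    for acct in accounts:
        left = departures.get(acct["user"])
        if left is None:
            continue  # current employee, out of scope for this check
        reasons = []
        if acct["enabled"]:
            reasons.append("login still enabled")
        if acct["active_keys"] > 0:
            reasons.append(f"{acct['active_keys']} API key(s) still active")
        last_used = acct.get("last_used")
        used_after = bool(last_used) and (
            datetime.fromisoformat(last_used) > datetime.fromisoformat(left))
        if used_after:
            reasons.append("credential used after departure")
        if reasons:
            findings.append({"user": acct["user"], "provider": acct["provider"],
                             "severity": "high" if used_after else "medium",
                             "reasons": reasons})
    # Post-departure use first: that is a possible incident, not just hygiene.
    return sorted(findings, key=lambda f: (f["severity"] != "high", f["user"]))


if __name__ == "__main__":
    for finding in find_orphaned_access(DEPARTURES, ACCOUNTS):
        print(finding)
```

Running the check per provider matters in a multi-CSP setup: in the sample, the same person was disabled in one cloud and missed in the other.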
 
Threat analysis and defense systems
One of the most common misconfigurations of cloud defense systems is leaving them unpatched once patches are available. Unbeknownst to most people, hackers download the patches to discover the places being patched. Once they build a program that’s capable of taking advantage of those weak spots, those who haven’t applied the patches are vulnerable to cyberattacks.
 

Third-party apps and plugins

While initiative in staff members is a good thing, it becomes a liability once employees take it upon themselves to solve process and productivity issues by integrating unvetted apps and plugins into your cloud-based systems. These apps and plugins can be launching pads for malware, phishing attempts, and other types of threats, so it’s good practice to have a whitelist of allowed apps and plugins and minimize the perimeter of your network.

Ransomware

Vectra, a cloud security firm, stated in their report that among ransomware threats launched in 2019, the most significant was the malicious encryption of shared files in the cloud. Hackers target companies that are more likely to pay bigger ransoms, deftly breach the latter’s network perimeter security, and lock users out of widely shared company files and even entire shared volumes of files.
 
Early detection of attack behavior is key to preventing hackers from propagating encryption attacks and causing a crippling business outage.
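An added example (not from the original article or from Vectra) of one simple form of early detection: flagging an account that modifies or renames an unusual number of distinct shared files within a short window. The event format, account names, paths and the threshold values are constructed assumptions that would need tuning against real file-audit logs.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60  # assumption: look-back window
THRESHOLD = 5        # assumption: distinct files rewritten by one account


def detect_mass_rewrite(events, window=WINDOW_SECONDS, threshold=THRESHOLD):
    """events: (epoch_seconds, user, action, path) tuples sorted by time.

    Returns {user: {"first_alert_at": ts, "files": n}} for each account
    that rewrote at least `threshold` distinct files within `window`.
    """
    recent = defaultdict(deque)  # user -> (ts, path) pairs inside the window
    alerts = {}
    for ts, user, action, path in events:
        if action not in ("modify", "rename"):
            continue  # reads do not change file contents
        queue = recent[user]
        queue.append((ts, path))
        while queue and ts - queue[0][0] > window:
            queue.popleft()  # drop events older than the window
        distinct = {p for _, p in queue}
        if len(distinct) >= threshold and user not in alerts:
            alerts[user] = {"first_alert_at": ts, "files": len(distinct)}
    return alerts


def sample_events():
    """Constructed audit events: normal editing plus one rapid burst."""
    events = [(1000 + i * 120, "alice", "modify",
               f"/shared/finance/report{i % 2}.xlsx") for i in range(6)]
    events += [(1300 + i, "alice", "read",
                f"/shared/hr/doc{i}.docx") for i in range(20)]
    events += [(1500 + 2 * i, "svc-sync", "rename",
                f"/shared/projects/file{i}.docx") for i in range(8)]
    return sorted(events)


if __name__ == "__main__":
    print(detect_mass_rewrite(sample_events()))
```

In the sample, the alert fires on the fifth rewritten file, while three of the eight targeted files are still untouched, which is the point of detecting the behavior early.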
 
Enjoy the benefits of cloud computing without worrying about data security. Trust that SimplyClouds knows how to protect you from existing and upcoming cyberthreats. Consult with us to learn more about how our exhaustive cloud security measures will keep your data safe and sound on the cloud.
