Organizations today are migrating to and utilizing cloud services in ever-growing numbers. While businesses may not have fully moved to the cloud, many adopt hybrid infrastructures and services spanning both on-premises and cloud resources.
A rising number of organizations are actively adopting cloud Software-as-a-Service (SaaS) offerings for business-critical services like email and data storage. Others may also be making use of cloud Infrastructure-as-a-Service (IaaS) as a way to run their business applications on virtual machines (VMs) running in the cloud.
While the cloud can certainly bring many advantages over strictly on-premises environments, it also brings security challenges. Attackers are shifting their attention to the cloud and are increasingly targeting cloud environments. This article explores what cloud security is and how businesses can protect their cloud assets from malicious cyber threats.
What is Cloud Security?
The cloud indeed allows businesses to accelerate the pace of innovation, as it helps to eliminate the time and maintenance resources that are generally dedicated on-premises to the underlying infrastructure layer. With cloud environments, your organization has access to the latest and most remarkable technologies and services instead of being tied to legacy hardware, services, and infrastructure.
However, even with shiny new cloud services and infrastructure, the security of those resources must still be given attention. Attackers are certainly aware that many organizations are much more heavily utilizing cloud environments and are looking for misconfigurations and other vulnerabilities to compromise your cloud data.
In the most basic terms, cloud security is the sum of all the processes, procedures, policies, and technologies that are used to secure your cloud environment. Cloud security is a vital aspect of your overall security solution as your business migrates business-critical resources and data to cloud service providers.
Why is Cloud Security Important?
One only has to look at IBM’s 2020 Cost of a Data Breach report to see the true costs of a data breach event. These costs apply regardless of which type of infrastructure an organization is utilizing, including on-premises and cloud environments.
Let’s look at a few of the statistics from the 2020 report:
- The average total cost of a data breach event — $3.86 million USD
- Most expensive country — the United States, $8.64 million USD
- Most expensive industry — Healthcare, $7.13 million USD
- Security automation deployed — in 59% of organizations
The data breach statistics listed above are by no means trivial. In addition, the study indicates that cloud migration actually amplifies the cost associated with a data breach. As listed by the report, “Organizations undergoing a major cloud migration at the time of the breach saw a cost increase of $300,000, for an adjusted average cost of $4.22 million.”
Cloud security is an extremely important part of your organization’s overall security stance across the board. A data breach of any size is too large. A breach today of your cloud environment can certainly lead to massive losses for your organization as the consequences of a data breach can last for years.
Cloud Security Challenges
You may be thinking, isn’t the cloud supposed to solve the traditional security challenges we once faced? Cloud has certainly helped to eliminate some traditional cybersecurity issues that were related to old legacy hardware, antiquated processes, and resiliency concerns.
However, the very strength of the cloud can often be the Achilles’ heel of the solution as well. Organizations utilizing cloud environments have to understand the new tooling involved with effectively and securely operating cloud environments. A lack of full understanding of the nuances of cloud administration can leave major vulnerabilities that can be exploited.
As an example, it seems there is no end to AWS S3 buckets that have been unintentionally left wide-open to the outside world. Often this is due to a lack of understanding of how to properly secure cloud storage and/or lack of visibility to the issue. Sometimes it may be a combination of the above along with other reasons. Attackers can easily exploit misconfigured S3 buckets to steal or leak information they contain.
Cloud infrastructure is often ephemeral in nature as well. IT administrators may properly protect the initial resources that are provisioned in the cloud, however, due to the ephemeral nature, new resources may be provisioned and potentially be left unprotected.
As you can see, the cloud presents its own security challenges and requires organizations to do their due diligence to implement the processes, procedures, policies, and technologies required to keep their data and services secure.
What are other challenges associated with cloud security?
- Cloud data visibility — Maintaining effective visibility over the data and services in cloud environments can present challenges for organizations.
- Effective security controls — Control over cloud resources is a bit more challenging than on-premises environments where IT administrators have control over the underlying physical infrastructure and network as well as the services running. Especially in cloud SaaS and PaaS environments, these various elements are abstracted.
- Compliance obligations — Compliance is growing in its importance in most organizations. It can no longer be an afterthought as has been the case in previous years. GDPR, HIPAA, PCI, and others can result in tremendous fines for businesses that are found to be negligent in applying the recommended security in their environments.
- Insider threats — Your own employees can potentially present a high risk to your data. Either accidentally or intentionally, an end-user can destroy or leak data.
- Data sharing — Cloud data can be easily shared with the outside world. This can present real challenges related to the security of your data.
How to Choose Effective Cloud Security Solutions
With the challenges mentioned above, your organization must implement effective cloud security solutions to help combat the security threats and risks that are present today in your cloud environment. This will include the holistic approach of security policies, procedures, processes, and technology. What do effective cloud security solutions include?
Visibility and control over cloud data
Maintain visibility and control over your cloud data. This includes and involves having tools to view and control the following aspects of your cloud data:
- Where is your data stored?
- Which services are using your data?
- What permissions are assigned?
- Is the data shared?
- Who is it shared with?
Policy enforcement
Organizations must have an effective way to enforce data usage in the cloud to align with the established business policies that exist on-premises. Cloud Access Security Brokers (CASBs) allow effectively enforcing policies on how end-users are allowed to access data and services in the cloud.
Regulatory and Compliance
As mentioned, regulatory and compliance frameworks have become an essential component of how businesses carry out day-to-day operations, especially involving information technology and data. This includes cloud environments. Effective cloud security solutions must include compliance as part of the overall cybersecurity requirements for your organization.
- Mobile Device Management (MDM) — Cloud environments can be accessed from anywhere and from any type of device. Your organization needs to have the ability to control mobile devices and how they access cloud environments to prevent cybersecurity risks in the form of data leaks, ransomware, and other threats.
- Insider Threats — Understand what your end users are doing when they access cloud environments. Are they downloading large amounts of data abnormally? Have they shared data with someone outside the organization they shouldn’t have shared the information with? Are there suspicious behaviors with a certain user account? For instance, is the user account being logged in at suspicious geolocation? Is the account being brute forced?
- Patch management — For customers who are utilizing an Infrastructure-as-a-Service (IaaS) environment, cloud security should involve patch management of any resources that are located and maintained in the cloud IaaS environment.
- Disaster recovery — Most cloud environments do not have a native disaster recovery solution built into the offering. This means it is up to you to protect your data. It is imperative to have an enterprise-class disaster recovery solution in place for your cloud data. A backup solution allows granular file recovery or restoring an account in its entirety.
- Cloud Security — Shared Responsibility Model
It is important to understand how cloud service providers provide services to you as a tenant and what responsibilities you take on as such. Most public cloud providers operate under what is known as a “shared responsibility model” wherein the provider and the customer both have responsibilities in securing the tenant environment.
The largest public cloud environment in use today is Amazon AWS. As an example of the shared responsibility model, Amazon publishes in detail the responsibility of AWS and the responsibility of the customer. What are those?
AWS responsibility:
“AWS is responsible for protecting the infrastructure that runs all the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.”
Customer responsibility:
“…a service such as Amazon Elastic Compute Cloud (Amazon EC2) is categorized as Infrastructure as a Service (IaaS) and, as such, requires the customer to perform all the necessary security configuration and management tasks. Customers that deploy an Amazon EC2 instance are responsible for the management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, and the configuration of the AWS-provided firewall (called a security group) on each instance. For abstracted services, such as Amazon S3 and Amazon DynamoDB, AWS operates the infrastructure layer, the operating system, and platforms, and customers access the endpoints to store and retrieve data. Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions.”
Microsoft and Google have very similar stances when it comes to mutual responsibility for cloud security in their cloud environments. This helps to underscore the need as an organization to take charge of your cloud security as resources are migrated to the cloud.
Final Thoughts
Effective cloud security solutions are an essential requirement for organizations making use of public cloud environments. While the cloud has resolved many of the challenges present on-premises, cybersecurity is still an area of attention that customers must take seriously with cloud environments. Attackers are shifting focus to cloud environments and are looking for vulnerabilities, misconfigurations, or other lax security controls, so they can compromise your environment.
Good cloud security hygiene involves the areas mentioned including visibility and control, policy enforcement, regulatory and compliance, mobile device management (MDM), remediating insider threats, patch management, and disaster recovery.
By enacting good security hygiene and effective cloud security solutions, your organization can take advantage of all the cloud offers, securely and effectively.
How Can Action1 Help
Leveraging cloud-based IT management, support, and security solutions help ensure that no matter how heavily a distributed workforce is used, your organization’s IT department has the tools and solutions needed to maintain corporate cybersecurity standards and procedures.
Sign up to test the Action1 endpoint security cloud-based platform in action and ultimate favorite SecOps solutions such as automated Patch Management and Software Deployment.