ADVERTISEMENT

Securing the cloud: cyber risks and best practices you need to keep in mind

Female and Male employees discussing in data center
Pierluigi Paganini
Pierluigi Paganini Contributor
Jun 17, 2021 Updated: 28 September 2021 2 min read
Private businesses and government organizations are moving large parts of their infrastructure and services to the cloud. However, many don’t address cyber risks properly.

Infrastructure-as-a-Service

Platform-as-a-Service

ADVERTISEMENT

Software-as-a-Service

The biggest cloud security risks faced by organizations

  • Misconfiguration of cloud infrastructure and services is probably one of the main causes of data leaks and data breaches. Regardless of the model they choose, businesses tend to lack essential knowledge to secure cloud solutions. In many cases, organizations only rely upon security controls provided by their cloud service provider to protect their cloud infrastructure, which don’t match their requirements.
  • Poorly protected corporate accounts can be hijacked by threat actors. The accounts of many organizations that use cloud services are protected by weak passwords or credentials that could be easily retrieved from third-party data breaches. Having obtained an employee’s credentials, attackers can access company infrastructure and data, and use them to carry out multiple malicious activities.
  • Malware infections represent a serious threat for cloud infrastructure. Malicious code can be used by threat actors to steal sensitive data, abuse computational resources of the company (i.e. cryptojacking attacks), or for sabotage. Many IaaS offerings and SaaS applications lack anti-malware protection, and organizations using them have no idea of the security features they are paying for. The infection vectors within cloud infrastructure are many, including unmanaged file uploads and downloads of infected files.
  • Insecure interfaces offered by service providers can be abused by threat actors to access the cloud infrastructure. Poorly protected application programming interfaces (APIs) and vulnerable data sharing systems can be exploited by attackers to access corporate cloud resources.
  • Malicious insiders are a major security issue for most organizations, especially those that utilize cloud services. In cloud-based infrastructure, the detection of a malicious insider is even more complex due to their lack of visibility in the underlying infrastructure, as well as the lack of proper controls.
  • The absence of data encryption can potentially expose data to theft and unauthorized access. Data encryption is essential for both data storage and data in transit. Even when data is encrypted, it is essential for organizations to master key management processes. An attacker can potentially steal encryption keys used to protect business data and access sensitive information.
  • Legal/compliance issues related to regulation on data protection and security, such as the EU GDPR and HIPAA, require organizations to implement compliant systems for the management of cybersecurity. Being compliant means that organizations have to clearly define roles and responsibilities for their employees and external partners. In a cloud environment, it is more difficult to regulate and monitor access.

How to secure cloud infrastructure?

  • Keep every component within cloud infrastructure up to date, including operating systems, applications, monitoring tools, and security solutions.
  • Enforce data protection policies. Organizations should define policies that establish what data can be stored in cloud infrastructure, how to manage it and who can access it.
  • Monitor internal traffic. Many cloud providers allow their customers to deploy specific solutions to monitor internal traffic for cyber threats and anomalies. Hardware or software-based firewalls allow businesses to apply rules to all traffic coming into a network, filtering out anything potentially dangerous.
  • Back up your data. Make sure that the cloud providers back up your data and periodically test it. Backups must be properly protected. 
  • Apply advanced malware protection. This is particularly important, especially in IaaS environments, where organizations are responsible for the security of the infrastructure components (i.e. operating systems, applications, and network traffic). Anti-malware solutions can prevent malicious code from infecting systems in the cloud and spread across its internal network.
  • Implement redundancy. Reliable cloud providers have to implement redundancy to ensure the availability of data and infrastructure in case of major failures, such as natural disasters or unforeseen incidents. Redundancy is usually implemented by storing multiple synchronized copies of customer data across multiple data centers.
  • Perform periodical vulnerability assessments and penetration tests. Cloud providers should periodically conduct security assessments, which have to be conducted by third-party cybersecurity experts that can evaluate the level of infrastructure security and address any vulnerabilities they discover.
  • Encrypt the data. All data stored in the cloud, as well as any data in transit, has to be encrypted.
  • Enable two-factor authentication for any resources that are provided by the cloud infrastructure service.
  • Monitor data access. Businesses have to take care how their sensitive data is being stored, accessed, and shared. Sensitive data has to be carefully protected, and cloud providers have to offer tools and solutions to monitor accesses. IT staff have to assess the permissions on each resource in the cloud environment.
ADVERTISEMENT