As more companies move their digital footprint to the cloud, the need for cloud security systems continues to grow. Cloud is cheaper and more flexible, but consequently harder for traditional IT members and tools to maintain a granular watch over, all of which creates new questions for business leaders as their teams push for and adopt cloud services as part of an organized expansion.
The as-a-service subscription nature of the cloud means businesses can snap up these digital services, compute power and have access to endless storage for their workforce, at a fraction of the cost of traditional IT. Some 80% of businesses now use the cloud, with 59% aiming to be "all" or "mostly" in the cloud by the end of 2021. Even risk-averse organizations such as banks and governments see the benefits outweighing the costs of legacy IT infrastructure.
For CISOs, CIOs and IT professionals looking to take control, gain greater visibility, ensure security and uphold the governance of increasingly complex and growing cloud environments, there are a range of solutions available:
What is a cloud access security broker (CASB)?
If your employees are using cloud applications or services without your approval, and you need comprehensive visibility into who’s accessing what across different cloud environments, cloud access security brokers can help. CASBs inspect network traffic between the cloud provider and on-premises devices and ensure that it complies with your security policies, while managing and safeguarding the data you store in the cloud. When evaluating a CASB tool, look for the following core features:
- Visibility – e.g. shadow IT detection
- Compliance – e.g. user authentication and authorization
- Data security – e.g. encryption and tokenization
- Threat protection – e.g. real-time malware detection
What is cloud security posture management (CSPM)?
Cloud security posture management (CSPM) solutions are often used by IT professionals to detect compliance risks and misconfiguration issues in the cloud and to monitor an organization’s overall cloud posture. These solutions work by continuously identifying and assessing cloud assets and data across the multiple clouds a business uses, including shadow IT that the IT team isn’t aware of.
CSPM then produces a report detailing any misconfigurations in the settings, allowing IT teams to address issues and improve the company’s overall cloud posture. These solutions will continue to monitor cloud environments in real time and highlight internal and external issues and mistakes that could create further weaknesses.
What is a cloud workload protection platform (CWPP)?
The ease with which cloud services can be set up means many businesses make the mistake of overlooking key security settings and configurations. But with an ever-increasing range of threats including denial of service attacks, data breaches and phishing attacks, IT leaders need to ensure they protect their workforce at the workload level as well as the endpoint.
A cloud workload protection platform (CWPP) provides high-level visibility and enables monitoring of workload behavior, detecting and responding to misconfiguration issues or intrusions. The strategic data gathered is presented in the form of a dashboard. CWPP can also improve the hardening of systems and overall vulnerability management by identifying outdated and weak business applications and user permissions settings.
Many businesses migrate to the cloud to save costs, and with that comes the transition from on-premise to cloud security. On-premise data and services are historically easier to protect as businesses usually have the tools to defend within their firewall, but cloud offers greater ease-of-access and flexibility. However, there is the risk that businesses can adopt cloud services in an ad hoc manner, with no oversight, governance or dedicated responsibility for security and data protection matters. There are just as many cloud threats as there are for traditional IT, but cloud solutions such as SIEM make their detection, elimination and management more effortless.
In today's business environment, 61% of IT professionals say the cloud is more secure than on-premise thanks to the native security present at cloud data centers and built into applications and services. When defended by cloud security, a company's cloud should be just as secure, if not more so.
Enterprises have CISOs to defend the business, but all companies should have an experienced IT team who can provide guidance on how to protect their data and services. Failing that, companies can go with their cloud partner's security vendor of choice, but they still need someone to understand and react to threats and take responsibility.
It's also easy to trust or believe that your chosen cloud vendor's security features are sufficient to protect your business operations. Yet, just because you've signed up for a cloud service that promises market-leading security and 99.9% uptime, it doesn't absolve you of the responsibility to ensure your own cloud-security management strategy and policies are in place, regularly updated and enforced across the business.
Cloud security helps tie the various strands of your organization's cloud commitments together, creating rules and using tools to monitor and protect data and access rights, and ensuring the business remains on top of who's using what and is instantly alerted to any issues.
In a traditional business, the IT or network team could assign applications, access rights and storage to users or departments with rigorous controls, limiting access from specific devices, and secured with strong firewall, virus and intrusion protection.
In the cloud era, users can access services on a vast number of devices, including:
- BYOD mobiles
- Home PCs
They can access applications from any network, airport or hotel WiFi, and share files with several people, creating a range of access and privacy issues that cloud security must manage.
While on-premise security tools were often chosen by the business or IT provider, in most cases cloud security is built in partnership between the company and the cloud provider(s). Whether your cloud solutions are private, public or hybrid, and depending on what cloud service your staff access, cloud security must be tailored to protect the business and create a manageable solution that's easy to monitor given the huge volumes of accesses and files involved.
For many businesses, the move to cloud sees files and data transition from local servers to cloud-based resources. Questions over ownership, encryption standards, data location and compliance are all issues that need to be resolved before we reach the question of security.
Benefits of such migrations include instant access and setup, reduced cost with fewer expensive in-house servers or data centers, and endless expandability of resources. This makes the cloud ideal for high-growth companies, with enterprises flocking to the cloud for the cost savings.
During the COVID crisis, many companies have rushed to cloud services to keep their operations up and running, with little consideration of the security implications. Something that worked immediately was more valuable than a well-planned and implemented solution, which led to several embarrassing scenes, including:
- Unprotected Zoom meetings being hacked
- Easily guessed passwords exposing business data
- Issues with duplicate data or files being created and deleted
However a cloud transition or adoption happens, cloud security is vital to ensure the business is protected when it comes to:
- Data security: protecting against breaches and unauthorized sharing
- Regulatory compliance: ensuring personal or privileged data is protected and data discovery is achievable
- Cloud redundancy: if the cloud goes down, how does the business continue to operate?
- Cloud DDoS protection: putting services in the cloud makes them vulnerable to denial of service attacks
These and the traditional IT risks of malware, viruses, unauthorized use and data theft highlight the need for continuous, up-to-date cloud security that alerts the business instantly to any threat against it.
As with any IT solution, there are a number of choices or trade-offs that can be made to address challenges and risks. Some cloud services come with built-in security features, but are they enough for your business requirements? Is it possible to implement third-party cloud security? Can the cloud security tools integrate with existing protection?
Each query needs to be investigated and addressed during the product evaluation and selection process. Similarly, do the tools adequately address the risks of insider threat and account hijacking, and does your IT team have the skills to manage these new processes? That's a lot to understand before investing in cloud security, but once those questions are resolved, the rest of the process should be speedy.
The investment in cloud security is minor compared to traditional solutions. It helps companies avoid embarrassment, such as when Sony had its PlayStation Network hacked and shut down, or when Yahoo saw 500 million customer records exposed. Even relatively low-profile organizations like Mexico's Electoral Institute saw 93 million voter registration records compromised in 2016.
Hundreds of invisible firms are hacked and held for data ransom every month, largely due to insufficient security, and there are a range of cloud security issues and solutions to be considered:
1. The rise of shadow IT
Shadow IT is a growing risk as departments seek to adopt the easy-to-acquire cloud tools they want for their teams. Bypassing central IT can create a shadow world of apps and data that risks hacking, litigation and worse as these unmanaged fiefdoms grow, and others see the immediate benefits without being aware of the wider security implications.
2. Poor access management
Access control remains a constant danger. Examples include fired staff still being able to access files, contractors finding easy logins, and poor security, meaning easily guessable passwords are rife. Access management tools can tighten up this aspect of cloud security and bring clarity to user identities and what files or data they should access.
3. Weak services or APIs
Code in the cloud is just as risky as code on your servers. Poorly written or badly tested applications or APIs can create all sorts of access holes, network calls, and vulnerabilities that hackers can exploit. Penetration testing and other cloud security features can help find and fix these before any damage is done.
4. Misconfigured cloud storage or applications
One of the most popular hacks involves people looking for default or weak passwords in Amazon Web Services buckets, then sharing the files they find with others. Similarly, many popular web security cameras have default settings that can have whatever is in their field of vision shown off to the world. Automated checking of these settings and configuration files can help limit these risks, while password testing and strong guidelines will help the business avoid such risks.
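The automated settings check described above, and the misconfiguration report a CSPM tool produces, can be sketched as a small rule engine. This is an added example, not code from any vendor or product; the inventory schema, setting names, rules and severities are all hypothetical and constructed for illustration.

```python
# Constructed inventory in a hypothetical, provider-neutral schema.
# This is not the output of any real cloud API.
SAMPLE_INVENTORY = [
    {"id": "bucket-finance", "type": "storage",
     "settings": {"public_read": False, "encryption": "aes256", "access_logging": True}},
    {"id": "bucket-marketing", "type": "storage",
     "settings": {"public_read": True, "encryption": "none"}},
    {"id": "cam-lobby", "type": "camera",
     "settings": {"default_password_changed": False, "stream_public": True}},
    {"id": "cam-dock", "type": "camera", "settings": {"stream_public": False}},
]

# Each rule: (resource type, setting, compliance predicate, severity, description).
# The rules and severities are assumptions chosen for this example.
RULES = [
    ("storage", "public_read", lambda v: v is False, "high", "bucket readable by anyone"),
    ("storage", "encryption", lambda v: v not in (None, "none"), "medium", "data not encrypted at rest"),
    ("storage", "access_logging", lambda v: v is True, "low", "access logging disabled"),
    ("camera", "default_password_changed", lambda v: v is True, "high", "default password still set"),
    ("camera", "stream_public", lambda v: v is False, "high", "video stream exposed publicly"),
]
SEVERITY_ORDER = {"high": 0, "medium": 1, "low": 2}


def audit(inventory, rules=RULES):
    """Return findings sorted by severity, then resource id, then setting."""
    findings = []
    for resource in inventory:
        settings = resource.get("settings", {})
        for rtype, key, is_compliant, severity, description in rules:
            if resource.get("type") != rtype:
                continue
            value = settings.get(key)  # a missing setting is None and fails closed
            if not is_compliant(value):
                state = "unset" if key not in settings else repr(value)
                findings.append((severity, resource["id"], key, state, description))
    return sorted(findings, key=lambda f: (SEVERITY_ORDER[f[0]], f[1], f[2]))


if __name__ == "__main__":
    for finding in audit(SAMPLE_INVENTORY):
        print(*finding, sep=" | ")
```

A setting that is absent from the inventory is reported as "unset" rather than passed, so a resource that was never configured shows up in the report alongside one that was configured badly.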
The benefits of cloud security are numerous, bringing all the traditional features endowed by the cloud as well as business-specific elements that make it easier and cheaper to customize for your needs.
1. Rapid deployment
As with most cloud services, you acquire it, activate it and tell it what to protect. Compare that to some traditional security where hardware must be installed on the network, security tools and patches applied across many machines, and complex rules and policies drafted, tested and implemented.
2. The arrival of AI security
Many cloud services use AI to monitor events and can report out-of-normal activity faster than a traditional service that may need regular patching, firmware updates and other complications. With the cloud, all updates happen live and instantly, with only the occasional update causing outages across the billions of operational instances per year.
3. Cost savings and reduced admin
Beyond accessibility and security implications, the major benefit of cloud security is the slashing of costs for dedicated hardware, applications and the staff to run them. While many on-premise security tools are prone to failure, attacks or outages, cloud users simply won't tolerate them and tools reflect that immediate need. And with dashboards and alerting tools, the workload decreases for IT professionals, allowing them to focus on operational issues.
4. Protection against DDoS attacks
An on-premise server or database is a fixed point of attack, whereas the cloud offers huge bandwidth and depth to protect against DDoS attacks, with cloud security tools rerouting traffic, providing backup resources and other tricks to keep a business running during events that would cripple a traditional IT infrastructure.
Native cloud security tools provide a range of features that allow the business to create cloud policies, manage data privacy and identify security issues across a company's cloud footprint and IT assets.
In the era of GDPR and other business regulations, the need for data protection and security remains paramount. All companies seek to keep their data secure and cloud security enables varying levels of protection depending on the business need.
Cloud security helps by:
- Blocking unauthorized access to data stores
- Preventing users from sharing files they shouldn't
- Protecting against common internet attacks like DDoS
- Providing secure encryption between users and data
- Allowing compliance professionals to set rules to enforce the above and any industry-specific protection mandates
To achieve all this, cloud security solutions offer tools like cloud access security brokers, cloud inspectors and cloud security controls. Analytics features like user behavior monitoring tools look for non-typical behavior. This could be a user suddenly logging in from another country (having had their login details stolen) or multiple rapid sign-in attempts (suggesting someone is trying to brute force guess passwords).
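The two behaviors mentioned above, a login from a new country and a burst of rapid sign-in attempts, can be detected with a single pass over sign-in events. This is an added example, not code from any product; the event format, thresholds and time windows are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sign-in events (time, user, source country, outcome); not real logs.
SAMPLE_EVENTS = [
    ("2024-03-01T08:00:00", "alice", "GB", "success"),
    ("2024-03-01T08:05:00", "bob", "US", "failure"),
    ("2024-03-01T08:05:10", "bob", "US", "failure"),
    ("2024-03-01T08:05:20", "bob", "US", "failure"),
    ("2024-03-01T08:05:30", "bob", "US", "failure"),
    ("2024-03-01T08:05:40", "bob", "US", "failure"),
    ("2024-03-01T09:00:00", "alice", "GB", "success"),
    ("2024-03-01T09:30:00", "alice", "BR", "success"),
    ("2024-03-01T12:00:00", "bob", "US", "failure"),
]

MAX_FAILURES = 5                       # assumed threshold for a brute-force burst
FAILURE_WINDOW = timedelta(minutes=1)  # assumed sliding window for failures
TRAVEL_WINDOW = timedelta(hours=4)     # assumed: a country change faster than this is suspicious


def detect_signin_anomalies(events):
    """Return (time, user, rule) alerts for the two behaviors described above."""
    alerts = []
    last_success = {}                     # user -> (time, country) of last good login
    recent_failures = defaultdict(deque)  # user -> failure times inside the window
    for ts, user, country, outcome in sorted(events):
        when = datetime.fromisoformat(ts)
        if outcome == "failure":
            window = recent_failures[user]
            window.append(when)
            while when - window[0] > FAILURE_WINDOW:
                window.popleft()          # drop failures older than the window
            if len(window) == MAX_FAILURES:  # alert once, when the threshold is reached
                alerts.append((ts, user, "rapid_failed_signins"))
            continue
        recent_failures[user].clear()     # a successful login resets the failure count
        prev = last_success.get(user)
        if prev and prev[1] != country and when - prev[0] <= TRAVEL_WINDOW:
            alerts.append((ts, user, "country_change"))
        last_success[user] = (when, country)
    return alerts


if __name__ == "__main__":
    for alert in detect_signin_anomalies(SAMPLE_EVENTS):
        print(alert)
```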
Additional tools include identity and access management, live threat intelligence, monitoring and prevention, cloud vulnerability and penetration testing, micro-segmentation, and smart firewalls, all of which combine to deliver features to keep the bad guys out and keep your data safe. A combination like this provides a set of best practices, procedures and guidelines to enable any business to defend itself.
For advanced technology companies, these features stretch to containers, dockers and compute resources to protect applications and services. In terms of compliance, solutions allow IT professionals to create rules that monitor who accesses which files, or prevent access to others.
Once enabled, cloud security works in an automated fashion, providing alerts and dashboards as needed, reducing the time demands of staff and helping them gain visibility into the functions and operational needs of the business.
Since every company has its own cloud productivity tools, applications and other services, there are a wide range of vendors providing out-of-the-box or user-definable solutions for clients. The key is to assess, using outside help if needed, what the risks to your cloud footprint are and choose the most appropriate tools or services to protect them.
Every company needs to define what it can and can't do in the cloud. These cloud security policy rules will inform all business IT thinking, and prevent staff from creating shadow IT services that are unmanaged and create risk.
Based on this, IT can choose the right cloud security products and cloud services that combine to produce the most efficient productivity tools that are defended and robust. As more companies move to the cloud and advances like the Industrial Internet of Things (IIoT) see hardware being used across different locations, companies need to be ready for a cloud-first world. And one that's secure from the outside, because cleaning up after a massive attack will be hugely costly and embarrassing.
The cloud is a friend to business, not a threat, and cloud security helps companies make the most of it in a secure manner. All it takes is thought and understanding to deliver a secure environment for your business to bloom.