3 Major Cloud Security Breaches and How to Boost Your Defenses Against Them


Tech Insights for Professionals: The latest thought leadership for IT pros

Friday, June 25, 2021

A staggering 92% of IT professionals worry their organization is at risk of a major breach due to cloud misconfiguration. Here are three recent examples.


Cloud breaches are an increasingly common part of the technology news. The truly scary part is that most go unreported, either because the company remains unaware of the breach or pays to keep it out of the news. Here are three recent examples of the damage cloud breaches can do, and what IT professionals need to do to ensure it doesn’t happen to their business.

Pretty much every type of institution and cloud service has been breached around the world, from the US government and many colleges to IT service providers, security firms and many businesses that lose valuable customer data. Most breaches are caused by incorrectly configured clouds, or complexity that the business doesn’t understand as it builds its operations on private, hybrid or public clouds.


Breaches across the clouds

Without adequate security measures in place, you risk exposing sensitive data to hackers and other threat actors. Here are a few companies that have experienced data breaches in the cloud.

1. SolarWinds

The most infamous recent example is the SolarWinds breach that led to a massive explosion of hacks across many branches of the US and UK governments, NATO and many businesses. One of those was FireEye, a security firm that traced their breach back to a 2020 hack into SolarWinds’ enterprise IT solution software, alerting the rest of the world.

2. SITA

More recently, Swiss-based airline booking provider and data handler SITA saw its cloud hacked as part of a highly sophisticated attack. This led to a data leak for many airlines, with more still being revealed. Air India only just reported the loss of 4.5 million customer records including credit card numbers, but not the CVC codes.

3. Marriott Hotel

In terms of volume, the Marriott Hotel chain hack of 2018 saw around 383 million user details lost to what was believed to be a hack by the Chinese government. The weakness that led to the hack was believed to be a “failed cloud security strategy during the Marriott-Starwood Merger.”

Among IT professionals, 92% worry that their organization is at risk of a major breach due to cloud misconfiguration, and these examples are just the tip of the iceberg. Many other hacks share similar attributes, such as the long gap between the hack and its discovery and the tough job of establishing exactly what was taken. These will give IT practitioners and security experts nightmares for years to come.

Strengthen your organization’s defenses

When it comes to protecting your business against cloud misconfigurations that could lead to hacks, there are several steps to take.

1. Train and educate employees regularly

All workers are busy people, with just a few seconds to recognize that something may be amiss when it comes to cloud security or to judge if an email looks suspicious. Onboarding sessions that highlight the risks are key to setting a baseline of knowledge.

All staff should get regular alerts to the risks, training emails that highlight the latest threats and best practices to help protect the business. From time to time, the business should send out benign “scam” emails to test which workers are paying attention and which need some further education.

2. Encrypt and protect data

Data access should be granted only to relevant personnel, and data should be strongly encrypted both in storage and when transferred across the cloud, with end-to-end encryption. Files stored on end users’ devices should be password protected.

Any related pieces of data in a set that would make a breach worse (like the credit card numbers and CVV/CVC codes in the SITA hack mentioned above) must be stored in separate files or locations to limit the potential for damage.

Tokenization is an increasingly popular method of protecting sensitive data. It works by replacing the actual information with a cryptographic hash, so that a stolen file yields no useful information unless the thief also has access to the token vault. Tokenization is common in banking and other regulated industries and is becoming more widely used as breaches become more frequent.
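A minimal sketch of the token-vault idea described above, added here as an illustration and not taken from the original article. It swaps in random tokens in place of a hash (an assumption of this example), and the `TokenVault` class, its methods and the sample records are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample records; 4111... is a widely used test card number.
SAMPLE_RECORDS = [
    {"name": "A. Example", "card": "4111 1111 1111 1111"},
    {"name": "B. Example", "card": "5555-5555-5555-4444"},
    {"name": "A. Example", "card": "4111111111111111"},
]


class TokenVault:
    """Hypothetical in-memory stand-in for a separately secured token vault."""

    def __init__(self):
        self._index_key = secrets.token_bytes(32)  # never leaves the vault
        self._by_token = {}  # token -> original card number
        self._by_index = {}  # HMAC(card number) -> token, so repeats reuse one

    def tokenize(self, pan):
        digits = pan.replace(" ", "").replace("-", "")
        if not (digits.isascii() and digits.isdigit() and 12 <= len(digits) <= 19):
            raise ValueError("not a card number")
        idx = hmac.new(self._index_key, digits.encode(), hashlib.sha256).digest()
        if idx in self._by_index:
            return self._by_index[idx]
        while True:
            # Random digits reveal nothing about the card; the last four are
            # kept so receipts and support screens still work.
            body = "".join(secrets.choice("0123456789") for _ in digits[:-4])
            token = "tok_" + body + digits[-4:]
            if token not in self._by_token and token[4:] != digits:
                break
        self._by_token[token] = digits
        self._by_index[idx] = token
        return token

    def detokenize(self, token, caller_authorized):
        # Assumption: the vault's own access control decides caller_authorized.
        if not caller_authorized:
            raise PermissionError("detokenization denied")
        return self._by_token[token]


def tokenize_records(records, vault):
    """Return copies of the records that are safe to store outside the vault."""
    return [{**r, "card": vault.tokenize(r["card"])} for r in records]
```

The tokenized records can sit in ordinary application storage, while the mapping back to real card numbers exists only inside the vault.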

3. Build strong cloud governance policies

Any high-growth or expanding business is under pressure to adopt cloud services to enable that growth. Doing so in an unstructured manner will increase the likelihood of a breach or hack. Starting the business with a leadership-led cloud governance policy is one way to reduce the risk.

A cloud governance policy should explicitly state what cloud services the business can use, what security features must be enabled and operating rules for all users. The policy must enable regular feedback and reporting, so it isn’t left on a shelf to collect dust, with key roles responsible for updates and building the accompanying breach or disaster recovery plan.

4. Use a CASB rather than leave users to their own devices

When unsupervised, some workers can get up to all kinds of clever or chaotic ways of using services, apps and files. A cloud access security broker (CASB) is a tool to monitor and audit the activity of users, reporting out-of-normal behavior to the IT department for investigation.

The CASB acts as an intermediary between the business and cloud services, monitoring activity and ensuring that corporate data policies are followed. These can include ensuring that features like malware detection are enabled and that single sign-on or multi-factor authentication is in operation, along with encryption, tokenization, access logging and other elements to protect data.


5. Ensure cloud resources are archived

Business data backups may have moved on from the era of DVDs or tape drives kept off-site, but all on-premises data needs to be backed up, ideally to remote cloud storage, while all cloud data needs redundant backups to ensure business continuity and recovery from disaster.

Cloud backups reduce costs and improve accessibility to the data, and backup services offer redundant, encrypted data storage. While the cloud can be slower to recover from compared to on-site storage, the flexibility is often of more value to firms.

Cloud breaches will continue to happen and increase in size as global businesses move more data to the cloud, creating a tempting target for government or financially motivated hackers. Layering all the defenses your business can to protect against them is the only way to maximize security and prepare for when the inevitable attack does happen.
