Moving to the cloud has so many strategic advantages for business. The key advantages, especially during the COVID-19 pandemic, is that employees can work remotely from anywhere, as data in the cloud can be accessed from any Internet connected device. At the same time, the reasons that make cloud so appealing have also introduced a host of new cyber security threats and challenges.
The Cloud Security Alliance (CSA) has put together a list of top 11 threats in September 2020. Based on their study, this article will look at the top 5 threats facing your business from a rushed approach to cloud.
- Data Breaches
Data breaches are a cause for concern whether you store data on premises or in the cloud. Unfortunately for cloud users, Internet-accessible data is the most vulnerable to misconfiguration or exploitation. To protect data, you should consider encrypting data where possible, as well as having solid, incident response plans that take cloud into consideration.
- Misconfiguration
The complexity of cloud-based resources makes them difficult to configure. The CSA cites a few examples to show just how problematic misconfigurations can be. They mention the Exactis incident where the provider left an Elasticsearch database containing the personal data of 230 million US consumers publicly accessible due to misconfiguration. Just as damaging was the case where Level One Robotics exposed IP belonging to more than 100 manufacturing companies thanks to a misconfigured backup server. To avoid this happening to you, the CSA recommends using automation and technologies that scan continuously for misconfigured resources.
- Lack of Cloud Security Strategy
In the rush to move to the cloud during the pandemic, a quick migration was prioritized over cyber security. In some cases, businesses become operational in the cloud, using security infrastructure and strategies that were not designed for it. In some cases, many businesses mistakenly believe that the cloud provider is responsible for the security of their data. To move beyond this, your business needs to develop a cyber security strategy that develop and implement a security architecture framework, that keeps threat models up-to-date and is continuously monitored for threats.
- Insufficient identity, credential access, and key management
Identity access management (IAM) is something that needs to be strengthened in a cloud environment. Access privileges need to be given on an as needed basis, rather than give all employees access to everything. In addition, strong passwords and multifactor authentication (MFA) should be used to protect data from unauthorized access.
- Insider Threats
The insider threat still exists in a cloud environment. The CSA defines an insider as “current or former employees, contractors, or a trusted business partner—anyone who doesn’t have to break through a company’s defenses to access its systems.” Not all insider threats are malicious, in some cases insiders unwittingly can put your organization at risk by misconfiguring systems or simply clicking on a link in a phishing email. The CSA’s recommendations to mitigate the risk from insiders is to ensure employees have access to ongoing cyber awareness training and resources, regularly audit and fix misconfigured systems, and restrict access to critical systems.
While securing your cloud environment can be challenging, the burden can be eased by finding a cyber security partner with expertise in cloud cyber security. Relying on your cloud provider is not good enough. Contact Uzado today to learn more about how we can help you manage your cloud cyber security.