Cloud security!

Bilwa Gaonker
Published in DataSeries
6 min read · Jun 27, 2020

Security has been the most challenging aspect of technology ever since the Internet era began, be it attacks on hardware or phishing and DoS attacks. I also remember an employee from McAfee telling us in his talk that “…to make your devices secure, we need to always be one step ahead of the attackers which makes the job of ethical hackers even more essential…”. After hearing this I got concerned about data security over the World Wide Web. That made me dive deeper into thoughts like, “What convinced IT companies to trust cloud platform vendors with their data and services?”, “What if the cloud services break down for some unprecedented reason?”, “Do we lose the whole service and data?” etc.

Although cloud computing has so many advantages, people are equally discouraged by the security threats. Is it wrong to get deterred? No, it’s the first thing anyone should look at before taking any cloud platform or service into consideration. But I still support cloud computing, as it has evolved and has become a must for businesses and governments. We need to look into what cloud security actually is, what challenges can come up while using the cloud, and finally the solutions to these challenges.

https://www.bankinfosecurity.com/cloud-security-certification-launched-a-8162

According to Investopedia.com, cloud security is defined as, “the protection of data stored online via cloud computing platforms from theft, leakage, and deletion.” McAfee says that, “it involves the procedure and technology that secure cloud computing environments against both the internal and external cybersecurity threats.” It is a form of cybersecurity that consists of policies, controls, procedures, agreements, and technologies that work together to protect the data and infrastructure of cloud-based systems. It also protects customers’ privacy and sets up authentication rules for company employees or individual users.

When data is stored by a third party and accessed over the Internet, several problems have to be faced in order to maintain a secure cloud. Some of the major challenges are:

  • In most cases where cloud services are accessed from outside the corporate network, the IT team needs the ability to see into the cloud service itself and have full visibility over the data.
  • Who has control over the cloud data? Cloud service customers have limited control themselves, and access to the underlying layers is unavailable.
  • Data breaches caused by vulnerabilities present in the cloud, usually in the cloud’s native functions. McAfee describes cloud-native breach as “It is a series of actions by an adversarial actor in which they “land” their attack by exploiting errors or vulnerabilities in a cloud deployment without using malware, “expand” their access through weakly configured or protected interfaces to locate valuable data, and “exfiltrate” that data to their storage location.”
  • Vendor lock-in has been pointed out as the primary reason for an IT organization to get the maximum value from cloud computing.
  • Misconfiguration of IaaS can act as a front door for a cloud data breach. Insecure interfaces and APIs can also pose a threat to users because not all of them are fully secured.
  • Compliance is a major factor when choosing cloud vendors. In sectors like healthcare and finance, where the requirements for storing private data are high, getting full compliance from the vendor with a private or hybrid cloud can get more complex.
  • Lack of transparency has always been a concern when a business buys third-party cloud services, because it is likely that they will not be provided with a full service description or details of how the platform works. Surveys conducted have implied that only 75% of the IT managers were marginally confident that the company data stored in the cloud is secure.

…and many more. Yes, there are many challenges to cloud security, but we do have some really good solutions that are currently in use on platforms like RedHat, AWS, GCP, Azure, etc.

Some good solutions offered towards the challenges given above are:

  • To get good visibility of data, a highly secured API connection can be established to the cloud service to get information like, “What data is stored?”, “Who is using it?”, “What are the roles of the users accessing the data?” etc.
  • To get good control over the data, there are multiple methods that can be used in different situations:
    • Data classification: Classify data on multiple levels, such as sensitive, regulated, or public; this way data can be stopped from entering or leaving the cloud service.
    • Data Loss Prevention (DLP): Protect data from unauthorized access by certain roles, and automatically disable access and transport of data when suspicious activity is detected.
    • Collaboration controls: Manage controls within the cloud service, such as setting file and folder permissions for specified users to editor or viewer, removing permissions, and revoking shared links.
    • Encryption: Cloud data encryption can be used to prevent unauthorized access to data, even if the data is stolen.
  • Having good and secure access to cloud data is important, especially in applications like house security systems. Some of the typical controls are:
    • User access control: Implement system and application access controls that ensure that only authorized users access cloud data and applications. A Cloud Access Security Broker (CASB) can be used to enforce access controls.
    • Device access control: Block access when a device outside the corporate network is used.
    • Malicious behavior identification: Use user behavior analytics (UBA) to detect compromised accounts and insider threats for the service.
    • Malware prevention: Prevent viruses from entering cloud services using methods like firewalls, file-scanning, application whitelisting, machine learning-based malware detection, and network traffic analysis.
    • Privileged access: Identify all possible forms of access that privileged accounts may have to your data and applications, and put in place controls to mitigate exposure.
  • The existing compliance requirements and practices should be improved by:
    • Risk assessment: Identifying and addressing the risk factors (external and internal) over the past few years will create a risk database. This database can speed up the risk assessment and we can get a better-trained model. These risk assessments should be reviewed and updated regularly.
    • Compliance assessments: This assessment will identify the gaps between the existing control environment and what is required. Some examples of the compliance assessments are GLBA (Gramm-Leach-Bliley Act), PCI DSS (Payment Card Industry Data Security Standard), HIPAA (Health Insurance Portability and Accountability Act), etc.

These are some of the many methods used to make clouds secure.

Recently while I was doing a course on Google Cloud Platform, I heard the tutor mentioning SLA and Cloud IAM a lot, while talking about security and access to the cloud project you are making. SLA is the ‘Service Level Agreement’ that ensures a minimum level of service is maintained. It is a very important agreement between a vendor and the company. IAM is Identity and Access Management. With the name itself, you must have guessed that it helps the company control the people who are authenticated and authorized to use the resources on the cloud.

As I searched more about the topic, I found there is so much to it, which leads to a currently trending topic named ‘Cybersecurity’ or ‘Information Security’, which is a different domain altogether. I have attached a few links below for cybersecurity enthusiasts.
