By Peter Theobald | August 9, 2019
Enterprises are increasingly embracing the cloud for a wide range of applications, due to its many advantages – reduced costs, flexibility, scalability etc. But the security of your cloud-based systems is a big concern due to the shared security model of cloud computing. While the cloud vendors take responsibility for securing the basic cloud infrastructure, the responsibility for the security of the applications and their related data remains with the customer. In addition to the traditional security controls, which have morphed into their cloud-based avatars, there is a need for a separate breed of specialized cloud security services to cater to the unique features of cloud-based systems and applications.
What do customers need to look for in this space? The first requirement is to perform a high-level architectural review of the cloud landscape to identify potential security risks and exposures such as misconfigurations. What’s more, due to the dynamic nature of the cloud, such assessments cannot be one-time or ad hoc – rather, they need to be run on a virtually continuous basis to ensure compliance with standards such as PCI-DSS, NIST, GDPR, and others. Cloud is one area where the one-size-fits-all approach certainly does not work. The specific organizational requirements and policies have to be translated into customized security controls that fit the environment. In fact, often it is not a single environment that has to be managed and secured – multi-cloud deployments across AWS, Azure and/or GCP are becoming increasingly common and more complex to secure.
Due to the always-on nature of cloud operations and its global exposure, speed is of the essence in cloud security. Incident response based on detection of anomalous behavior has to be swift, to prevent exploitation from any corner of the globe. Since the users and administrators of the cloud are geographically dispersed, monitoring the systems for unauthorized changes to configurations and access rights is critical. These changes/drifts have to be reversed immediately to minimize damage. On the cloud, prevention of misuse of privileges is key. If a hacker obtains unauthorized privileges, he can even create and launch assets for furthering his own malicious purpose (for example bitcoin mining), or even indulge in data hijacking or large-scale ransomware attacks. Since compromised credentials of privileged users can lead to full account compromise, providing just-in-time privilege escalation, on an as-needed basis, is a good idea. These privileges can be turned off when no longer required, along with access to ports or IP addresses that are not in use, to prevent attacks by port scanners, botnets etc. This results in a reduction in the attack surface.
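The drift monitoring and just-in-time privileges described above can be sketched as a comparison of an approved baseline against the observed state. This is an added example, not code from the original article or any vendor product; the rule and grant tuples, the sample data and the function name `detect_drift` are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample state; a real check would pull both sides from the
# provider's configuration and IAM inventory.
BASELINE = {
    "ingress": {("tcp", 443, "0.0.0.0/0"), ("tcp", 22, "10.0.0.0/8")},
    "grants": {("alice", "admin"), ("bob", "read-only")},
}
OBSERVED = {
    "ingress": {("tcp", 443, "0.0.0.0/0"), ("tcp", 22, "0.0.0.0/0"),
                ("tcp", 3389, "0.0.0.0/0")},
    "grants": {("alice", "admin"), ("bob", "read-only"), ("bob", "admin")},
}
T0 = datetime(2019, 8, 9, 12, 0, tzinfo=timezone.utc)
# Just-in-time elevation: (user, role) -> expiry time
JIT_GRANTS = {("bob", "admin"): T0 + timedelta(hours=1)}


def detect_drift(baseline, observed, jit_grants, now):
    """Return (revert, restore): entries to remove and entries to put back."""
    # A JIT grant is approved only until it expires.
    active_jit = {grant for grant, expiry in jit_grants.items() if expiry > now}
    revert, restore = [], []
    for kind in sorted(baseline.keys() | observed.keys()):
        approved = set(baseline.get(kind, ()))
        current = set(observed.get(kind, ()))
        allowed = approved | active_jit if kind == "grants" else approved
        revert += [(kind, item) for item in sorted(current - allowed)]
        restore += [(kind, item) for item in sorted(approved - current)]
    return revert, restore


if __name__ == "__main__":
    for label, now in (("inside JIT window", T0),
                       ("after expiry", T0 + timedelta(hours=2))):
        revert, restore = detect_drift(BASELINE, OBSERVED, JIT_GRANTS, now)
        print(label, "revert:", revert, "restore:", restore)
```

Inside the one-hour window the elevated grant is treated as approved; once it expires the same grant is reported for removal alongside the ingress rules that widened exposure.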
To summarize, cloud security solutions need to provide customers with full visibility and control of security and compliance in the cloud, and protect against the troika of vulnerabilities, identity theft and data loss. Do contact us @ Hitachi Systems Micro Clinic to learn more about our offerings in this space!