Security Threats in Cloud Computing
More and more organizations are moving to cloud-based computing. Not only data, but even software and systems are being hosted on cloud. With the rise of remote working and ‘Bring Your Own Device’ culture, cloud computing has become the need of the hour. But cloud computing attracts unique security risks as data and application necessarily are hosted outside the organization with third-party cloud provider. This feature inherently makes systems vulnerable to attacks, downtime and other issues such as loss of Governance, lapses in authentication and authorization, isolation failures, failures in application and data protection, and malicious activities to name a few.
Threats in Cloud Environment
Here are some of the most common types of cyber threats in the cloud environment:
1. Data breaches
Cloud environment faces threats that are similar to those faced by an enterprise environment. However, as a cloud service provider is accountable for storing large amounts of data belonging to multiple enterprises, the threats are magnified by significant proportions. The severity of damage depends upon the kind of data that is breached. Data such as health records, trade secrets, and intellectual property carry the same risk of getting stolen that financial data does. When a data breach occurs, companies may incur fines, and face lawsuits and criminal charges. More than monetary impact, reputation loss can affect organizations for years.
What should be done?
It is important to adopt DLP tools as a part of your cybersecurity plan as it will help your IT department monitor and control the data sharing activity across endpoints and get alerts of any suspicious data movement.
2. Compromised credentials and broken authentication
Lax authentication policies, poor key and certification management are some of the major reasons of security breach in cloud services. Many organizations struggle with identity management. They assign unnecessary data privileges to anyone and everyone just to ease the access management. Organizations also forget to remove user access when an employee’s job function changes or they leave the organization.
What should be done?
Organizations should use multi-factor authentication, phone-based authentication, and smart cards (digital tokens) to protect the access to cloud services as these provide a barrier against attackers prying on log in ID and passwords.
3. Hacked interfaces and APIs
Almost all cloud services now provide APIs (Application Programming Interface). APIs are required by organizations to manage and interact with the cloud service they are using. Therefore, the security of the cloud service largely depends on the security of APIs. These are the most vulnerable part of the system as they are directly exposed and are accessible via the Internet.
What should be done?
Threat modelling of systems, their architecture and data flows are critical to control the risk of inadvertent access to data using APIs.
4. Account hijack
Cloud services are turning out to be a new hunting ground for phishing attacks, online scams and fraudsters. Attackers can eavesdrop on user activities, steal their personal information, misuse the stolen data or sell them on the online black market. They can also use breached applications to launch other attacks within the cloud.
What should be done?
Organizations should prohibit sharing of account credentials between users and services. Every transaction should be monitored so that it can be traced back to a human owner.
5. Malicious Insiders
An insider threat could be a current or a former
employee who is responsible for a security breach in an organization. 90% of security incidents in businesses happen due to insiders (Verizon 2015 Data Breach Investigation Report).
What should be done?
System access given to users should be restricted only to data and application that are required by a particular user to perform their job. The data responsibilities should be segregated and both the responsibilities and system access should be frequently audited. Effective logging, monitoring, and audit administration are critical for effective security of the cloud computing system.
6. Inadequate diligence
Many organizations are embracing the cloud technology without fully understanding its environment and the myriad risks associated with it. Business owners often overestimate their need to be on cloud and in selecting the right partner for their cloud computing needs. Many times, they fail to scrutinize the contract made with their cloud partner and are not aware of the provider’s liability in case of a data breach.
What should be done?
Organizations need to be diligent with:
- Understanding their requirements from cloud computing service.
- Selecting the right cloud service provider.
- Review of their contract to understand the responsibilities and liabilities.
7. Shared technology, shared dangers
Cloud computing is based on the concept of shared technology. The concept multi-tenancy comes with a danger that if vulnerability arises for one user, it arises for all. A single vulnerability or misconfiguration can lead to a security incident across the complete cloud infrastructure.
What should be done?
Organizations must not only need to place a private encryption system for their own data but also need to look at concepts such as least privilege access, network segmentation and host-based and network-based intrusion system, provided by the cloud service provider.
Cloud computing provides many benefits to organizations both large and small. However, organizations need to understand that security of a cloud infrastructure is a joint responsibility. The cloud service provider will have their own security mechanism in place but that needs to be analyzed and understood to meet the organization’s requirement. At the same time, organizations need to implement their own security on top of what is provided by cloud service provider. They need to implement data loss prevention tools which are in their control to manage not only the encryption for protection of data but also the user access control and monitoring of data and devices accessing that data.
Seqrite helps businesses simplify IT security and maximize business performance. To know more about our products and services visit our website.
