Cloud Threats & Mitigation Techniques
Posted October 31, 2022 by Chris Glanden
In honor of National Cybersecurity Awareness Month, Sayers will be releasing a series of short videos focused on various cybersecurity topics. In this episode, I’d like to talk to you about cloud threats and mitigation techniques.
Let’s face it: we all know cloud adoption and migration are on the rise, with benefits to an organization including potential cost savings, availability, and collaboration. However, with more data, applications, and services moving to and residing in the cloud, unique security challenges present themselves.
Here are some top security threats organizations face while leveraging the cloud, and ways to mitigate them.
1. Relaxed identity controls.
Cloud computing introduces adjustments to traditional IAM practices. You want to integrate and consolidate to a single source of truth for all identities.
Use MFA. Limit use of root accounts. Employ IAM for cloud users. Segment accounts, VPCs, and identity groups, and enforce proper key management by rotating keys, removing old accounts, and reviewing access privileges.
Additionally, ensure your governance programs are tracking employees onboarding and exiting the organization, and limiting their access as necessary.
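As an added illustration (not part of the original post), the script below checks the controls listed above (MFA, root account use, key rotation) against an AWS IAM credential report, the CSV that AWS IAM produces per account. The 90-day key age limit is an assumed policy, and the sample rows are constructed and use only a subset of the report's columns.

```python
import csv
import io
from datetime import datetime, timezone

MAX_KEY_AGE_DAYS = 90  # assumed rotation policy, not a value from the article

# Constructed sample using a subset of the AWS IAM credential report columns.
SAMPLE_REPORT = """user,password_enabled,mfa_active,access_key_1_active,access_key_1_last_rotated
<root_account>,not_supported,false,true,2021-01-10T00:00:00+00:00
alice,true,true,true,2022-09-01T00:00:00+00:00
bob,true,false,true,2022-02-01T00:00:00+00:00
ci-deploy,false,false,true,2022-10-01T00:00:00+00:00
carol,true,true,false,N/A
"""

def audit(report_csv, now):
    """Return a sorted list of (user, finding) tuples for the identity controls above."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"
        key_active = row["access_key_1_active"] == "true"
        # Console access without MFA; the root user always has a password.
        if (is_root or row["password_enabled"] == "true") and row["mfa_active"] != "true":
            findings.append((user, "no MFA"))
        # "Limit use of root accounts": root should not hold long-lived keys.
        if is_root and key_active:
            findings.append((user, "root access key present"))
        # Key rotation: flag active keys older than the assumed limit.
        rotated = row["access_key_1_last_rotated"]
        if key_active and rotated not in ("N/A", ""):
            age = (now - datetime.fromisoformat(rotated)).days
            if age > MAX_KEY_AGE_DAYS:
                findings.append((user, f"access key {age} days old"))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in audit(SAMPLE_REPORT, datetime(2022, 10, 31, tzinfo=timezone.utc)):
        print(f"{user}: {finding}")
```

Service accounts such as the constructed `ci-deploy` row have no console password, so they are checked for key age only.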
2. Insecure interfaces and APIs.
Cyber criminals are attracted to cloud APIs because they become a dependency within enterprise IT infrastructures. APIs significantly assist in automation, reporting, and so much more.
You want to enforce good API hygiene from developers. Use security-focused API frameworks such as the Open Cloud Computing Interface (OCCI) and the Cloud Infrastructure Management Interface (CIMI).
Employ a tool to provide visibility into API security risks as well as control and monitor the API identity life cycle.
3. Accidental data exposure.
High volumes of unsecured data flow between organizations and external cloud service providers (CSPs). This often leads to a cloud leak, where sensitive business data stored in a private cloud instance is accidentally exposed to the internet. In addition, misconfigurations of S3 buckets are responsible for 16 percent of all cloud security breaches while exposing sensitive data.
You want to look at solutions such as DLP, CSPM, and CAASB. These are a few tools that will continuously monitor for misconfigurations and data leakage. In addition, use education, especially within DevOps teams; use end-to-end encryption; validate access credentials; and continuously perform security assessments and audits.
4. Insider threat.
An employee can download sensitive data from a corporate-sanctioned cloud service, then share it with an unapproved third party such as a vendor, partner, or public entity. This threat can be intentional or accidental, but the end result is still the same.
You really want to develop an enterprise data protection program, which could leverage DLP tools and include encryption of data and behavior anomaly detection.
The cloud, with all of its complexity, is a prime location for a cyber attack or a data breach to take place. The top threats I mentioned, along with many others, require more industry attention and research to continue to mitigate as the cloud evolves.
If you would like to learn more about Sayers and our service offerings such as securing your cloud environment, please visit us at www.sayers.com. Thank you.