Professional Documents
Culture Documents
Cloud Security Data
Cloud Security Data
Cloud storage security includes a set of policies, technologies, tools, and practices to
protect data stored in cloud storage systems from leaks, cyberattacks, unauthorized
access, and other threats.
Cloud storage security is fundamental for cloud data protection that includes data
accessibility, data privacy, and data integrity. Protecting cloud storage involves
fortifying cloud storage infrastructure, shielding networks, and endpoints, securing
cloud data in rest and motion, and monitoring for vulnerabilities and risks.
There are three types of cloud storage models: public, private, and hybrid.
Public cloud storage: This cloud storage is hosted and managed by third-party cloud
storage providers who share the storage resources with multiple customers. Google
Cloud, Amazon Web Services, Microsoft Azure, and IBM Cloud are some of the
popular public cloud storage providers.
Private cloud storage: This type of cloud storage service is owned, hosted, and
operated by an organization or bought from an external cloud storage provider
exclusively for its use. There is no sharing of storage resources here.
Hybrid cloud storage: This cloud storage combines and allows data sharing between
both public and private cloud storage. Organizations using private and public cloud
storage leverage hybrid cloud storage services to use them both with seamless
interoperability.
Cloud storage eliminates the need for businesses to buy and manage on-premise data
centers of their own. It has five significant features that differ from traditional data
centers:
Enterprises scale their cloud storage capacity as the data volumes increase or dial
down capacity if volume decreases. So, rather than spending on building and
maintaining a storage network, companies pay for the storage capacity they use while
the provider maintains it for them.
More than half of hybrid cloud storage users benefit from the cost savings (63.4%),
scalability (61.8%), and business continuity (50.4%) it offers, according to a G2 survey.
Vendors also store multiple copies of the same data on different servers and if
needed, in different locations. So, even in case of any disruption from short-term
hardware failures, network or power outages, or a natural disaster, the cloud offers
uninterrupted service and business continuity.
Security - the special cloud problem
Cloud storage vendors host, manage and maintain the servers and associated
infrastructure on behalf of their users. They also safeguard the cloud infrastructure
with several security features like:
But there are two lingering questions about this relationship: where does the
provider’s responsibility for cloud security end? Where does the buyer’s
responsibility for cloud security begin?
This is where the shared responsibility model of cloud security comes in.
In an on-premise data center, the company owns the complete tech stack; there’s no
question of who is responsible for security. But when the company transfers data to
the cloud, some security responsibilities shift to cloud service providers (CSPs), and
some rest with the users. The shared responsibility model dictates which security tasks
the cloud provider handles and which tasks the company takes care of.
The responsibilities vary depending on whether the cloud service model is software as
a service (SaaS), platform as a service (PaaS), or infrastructure as a service (IaaS).
Cloud storage vulnerabilities and risks
Cloud storage has several vulnerabilities and your protective measures will only be
effective when you identify these issues and frame your security strategies
accordingly.
Some cloud storage vulnerabilities come from some of its great features. Here are
some of the common vulnerabilities of cloud storage facilities that raise security
concerns.
Users place their data in the remote servers of cloud storage providers. Since
securing the physical infrastructure falls on the vendor, users lose control over this
component. They have to rely on the service provider to ensure there’s no data
leakage. This raises security concerns and issues related to data privacy and integrity.
True, cloud storage providers offer security controls, but when you’re operating in a
zero-trust environment, users need to take additional precautions.
Case in point: U.S apparel retailer Bonobos lost seventy gigabytes of customer data
in 2021 due to a breach in a backup hosted by a third-party cloud service. Bonobos
had to notify the service provider to secure their customer data.
Multi-tenancy
Like tenants who share apartments in a building, companies share cloud resources
with other organizations. Cloud multi-tenancy provides better use of resources and
saves costs for businesses. On the flip side, however, weak tenant separation or
vulnerability in the shared cloud environment compromises multiple tenants. A flaw
in a single shared application or a misconfiguration of a single user’s system can
lead to a chain of cyber attacks on multiple cloud users.
Case in point: in January, a research by Ocra found that attackers could bypass
tenant separation and access sensitive credentials and data of multiple customers in
a public cloud data platform. The vulnerability allowed data access and the execution
of codes on customers’ machines, compromising the entire system.
System vulnerabilities
Cloud storage also has bugs or other system vulnerabilities that get discovered now
and then. Attackers may exploit them to access data, compromise data integrity, and
privacy, and potentially disrupt service.
Case in point: in 2021, a cybersecurity research team from Wiz found a system
vulnerability in a widely used database service of Microsoft Azure which
allowed access to thousands of customer databases, including those of Fortune 500
companies. Subsequently, researchers found five other vulnerabilities that were later
patched up.
Misconfigured cloud
Misconfiguration is the leading and most common cause of data breaches in cloud
storage. It’s a vulnerability hiding in plain sight.
When companies don’t configure their cloud storage properly, they leave the door
wide open for anyone to exploit. They either misconfigure the system when
migrating to the cloud or make unapproved changes to settings post-deployment,
resulting in major security incidents.
Today, cloud attackers use automation to detect misconfigurations and other
vulnerabilities. Once in, they smash and grab the data they need. Some causes of
misconfiguration are:
Just like with APIs, companies increasingly rely on third-party apps and resources.
Risks exist in each one of these products or services. Any vulnerability in such
third-party apps can cause significant damage to cloud users.
An insufficient IAM is like giving your house key to thieves. In the cloud, it leaves
your servers and other tenants open to attack and account hijacks. Poor IAM can be
slower in provisioning or de-provisioning privileged cloud access or
undermanaged password, but these make it easier for malicious insiders and
hackers to hijack your account.
Case in point: in September, an 18-year-old got into the internal systems of Uber,
including its cloud systems, by stealing an employee’s password and tricking the
employee into approving the push notification for multi-factor authentication
(MFA).
The cloud makes data and applications accessible from anywhere on any device.
But this increases the risk of data becoming unintentionally exposed or shared.
DDoS attacks
Distributed denial of service (DDoS) attacks are one of the most significant
security concerns for businesses moving to the cloud. DDoS don’t result in a data
breach, but they can prevent users from accessing the cloud services, bringing
operations to a halt.
The attackers use compromised devices or bots to flood target cloud servers with
traffic. The cloud provider scales cloud resources to deal with incoming requests, be
it memory, disc space, processing power, or network bandwidth. This exhausts the
resources and slows service to legitimate users. In extreme cases, it causes cloud
outages.
DDoS is more concerning today because hackers are using cloud services to launch
attacks. In addition, there’s also a rise in ransom requests to companies, with hackers
holding a company’s data “hostage,” until their demands are met. While cloud
storage providers use advanced mitigation techniques to defend against DDoS
attacks, the issue remains concerning.
Case in point: in December 2021, Flexbooker faced a widespread outage to its core
application because of a DDoS attack on its AWS server. The DDoS attack also
resulted in a data breach exposing nearly 3.7 million customer records.
Hackers, organized crime groups, and advanced persistent threats (APT) pose a
significant risk to the cloud. While these attackers have different motives, they all
aim to get into vulnerable systems and exploit them for their own gain. And what’s
more attractive to them than the cloud that’s directly accessible via the internet?
Moreover, users often leave their sensitive data on the cloud unsecured, and an attack
on one user means a higher probability of attacking other users in the same cloud.
From account hijacking through phishing and social engineering tactics
to malware and advanced penetration, they use all techniques at their disposal.
Case in point: the Solarwind breach was done by a nation-state-backed APT group
to gain access to target users’ cloud resources.
Many regions today have data protection, data sovereignty, and data localization
laws, like General Data Protection Rules (GDPR). The rules stipulate where and
how businesses can store, process, and use the personal data of their users.
Businesses face heavy fines and penalties if they fail to comply with these rules.
Case in point: In July 2022, Russia fined Apple, Zoom, Whatsapp, Snap, and
many other companies for allegedly refusing to store the personal data of its citizens
within Russia. South Korea fined Microsoft for failing to protect users' personal
data in 2021.
Malicious insider
We’ve focused a great deal on the external threat to cloud storage security. But
sometimes, the call is coming from inside the house. The malicious actor is an
insider who has access to and knows the ins and outs of a company’s IT system. The
insider could be a former or current employee, contractor, or business partner who
deliberately abuses their access and credentials to cause damage. Enterprises lose
millions due to malicious insider attacks.
Case in point: a Pfizer employee who had a job offer from another company
allegedly downloaded over 10,000 company files, including sensitive information
on vaccine trials and new drugs, and uploaded them to a Google Drive account.
While the company caught the employee, it's not always the case.
Cloud security lapses can be fatal in an age where data privacy is of utmost
importance for businesses. But not a day goes by without news of data loss, malware
attacks, ransomware, and other cyberattacks. Cloud-based storage and cloud
databases are one of the top targets of attack.
These incidents carry a high cost for enterprises - a reputation hit, loss of business
due to system downtime, loss of sensitive data, and fines for failed audits and
compliance violations. Companies need to have a security architecture that
encompasses cloud and on-premise environments. Security is no longer an
afterthought.
Reading about the risks and vulnerabilities of cloud security storage may give you
jitters, but fear not. Here are six practical steps to secure your cloud, regardless of
where you are in your cloud journey.
Begin with reading the shared responsibility model of your cloud storage provider.
Ask the following questions:
Create a security plan that encompasses your cloud security responsibilities. Most
importantly, review service level agreements (SLA) with your cloud service
provider. This is the only way to know the type of service your cloud storage
provider offers and what kind of recourse exists in case of any incidents.
In the cloud, identity is the new border. A robust IAM prevents unauthorized access
to your cloud storage. Your IAM should include policies and processes for account
management, identity governance, authentication, and access control. Review your
current identity processes and update them appropriately for cloud usage.
Securing the network and endpoints from which users access the cloud is crucial as
you move beyond your on-premise perimeter to the cloud.
Use virtual private networks (VPN) to connect between on-premise and cloud
environments. Enable web application firewalls and monitor network traffic and
firewall usage. Firewalls provide DDoS protection as well as prevent unauthorized
access and man-in-the-middle attacks.
A dedicated private connection and virtual private cloud that some cloud providers
offer might be of use if you have business-critical resources.
Protecting cloud data is critical and data encryption can be one of the ways.
Commercial cloud storage services offer encryption. Use them or create your own
encryption keys that a third-party vendor provides. Ensure your encryption is end-
to-end, which means it shields your data in rest, motion, and when in use. Even if
attackers get their hands on your data, it will be gibberish with end-to-end
encryption. But make sure you have a proper key management plan in place. If the
key is lost, your data will be gibberish to you!
Keep checking user access logs and their activities to identify unauthorized changes
and inappropriate access.
You can also use software that scans for malware or viruses in your data before you
upload them to cloud storage.
5. Maintain visibility
You can’t protect what you can’t see. Using different cloud services and hybrid
clouds creates blindspots that escape security teams. Moreover, shadow IT is
common in enterprises. A G2 survey of B2B software buyers found that 56% of
employees use software that isn’t vetted by the security team.
Leverage software like cloud access security brokers (CASB) and cloud security
posture management (CSPM) to maintain visibility of your cloud infrastructure and
control shadow IT usage.
In addition, employ threat detection software to identify any high risks such as
malware or DDoS. Keep reviewing your IAM and data security policies. You can’t
just set it and forget it.
Different cloud security solutions improve your cloud data protection and strengthen
cloud security architecture. You can use a combination of these tools based on your
needs and make your organization a secure cloud company.
Identity and access management (IAM) software only allows authorized and
authenticated users based on predetermined policies. Apart from IAM, there are
other solutions, like single sign-on (SSO), and multi-factor
authentication (MFA), that serve the same purpose.
Cloud data security software protects information stored in the cloud and
transferred through the cloud. Businesses use cloud data security software to:
Encrypt or mask data stored in the cloud.
Identify sensitive data.
Control access to sensitive data.
Monitor user behavior and access for deviations.
API security tools protect data traveling through a company’s network via API.
Businesses use API tools to
The data loss prevention (DLP) tool secures control of sensitive business
information and guarantees compliance. Companies use data loss prevention (DLP)
software to protect sensitive data from loss, leaks, and breaches. It also:
Today, it's not a question of whether the cloud is secure. Rather, it’s about whether
businesses are using the cloud securely to shield themselves from cyber threats.
Adopt security practices with the cloud security software solutions mentioned above.
Keep your business on the cloud safe and secure. After all, the cloud is the future.