Migrating your workloads to the cloud is a process filled with opportunity for business growth. However, whether your business flourishes in the cloud is not just down to what platform you choose or how much you spend, but how much attention you pay to your security.
With 90% of companies now reportedly ‘in the cloud’, threat actors have an unprecedented number of endpoints to sink their cyber-teeth into.
Studies show that nearly two thirds of organisations view security as their biggest cloud challenge. Bitglass’ 2019 Cloud Security Report states that ‘93 percent of respondents are at least moderately concerned about their ability to use the cloud securely, and that the adoption rates of basic cloud security tools and practices are still far too low’.
So, how can you make the most of cloud while ensuring your data is safe? Here’s five steps to get you started.
Audits are a great place to start to assess your current security status. Whether you’ve got an in-house team of security professionals or enlist the help of external consultancies, regular audits of your cloud security are crucial. Not only does a comprehensive audit reduce the risks of falling victim to cyber-threats, it also helps you avoid downtime.
Typically, an audit employs a variety of methods to thoroughly test (inventory) your environment. This includes port scanning, internal network scans, vulnerability scans, patch updates, process checking and firewall reviews. Risk assessments of infrastructure also play a huge part to identify high value targets, how they may be targeted and how to best protect them – not all components of your solution will need the same level of security.
In a 2020 Cloud Misconfigurations Report, researchers estimated that global cloud misconfiguration breaches cost companies upwards of $5 trillion over the last two years. Common configuration mistakes include:
There is a wide variety of options when it comes to who sets up your cloud environment and how. Ensuring your cloud is securely configured from the start is therefore paramount and avoids further problems down the line.
If your organisation operates in the cloud, your data will be stored and secured by your provider. However, ensuring your organisation is compliant with current data protection regulations, such as the GDPR, is your responsibility.
Achieving and maintaining compliance in the cloud should be discussed with your provider and written into your service level agreement (SLA). Questions to ask include:
It’s best to ensure compliance at every stage of your cloud journey. Seek the help of compliance experts if you are unsure, to avoid potential fines and data breaches as a result on non-compliance.
Vulnerabilities are part and parcel of adopting any technology – and fixing these flaws is a core part of maintaining a strong cloud security defence.
Adopt robust policies for monitoring vulnerability announcements, installing patches and updating software. Otherwise, you’re an easy target for opportunistic hackers who target out of date and unpatched systems.
You should also discuss the responsibility of patching and updates with your cloud provider. For some managed services, your package includes taking care of all updates and patches within your cloud environment. For other solutions, only critical updates may be included, if any. Double check who takes care of these tasks to avoid a compromised network as a result of unattended vulnerabilities.
An endpoint describes any entry point into your network, e.g. laptops, tablets, your Wi-Fi router, your server. Each is a potential target for cybercriminals to infiltrate your network, with attack vectors such as malware, ransomware and web-layer attacks commonly used.
According to BitGlass’ 2019 Cloud Security Report, only 20% of companies have visibility over anomalous behaviour across their environment. But with IoT devices alone contributing 5.8 billion to the total number of enterprise network endpoints globally, this translates to potentially billions of unguarded network gateways.
Cloud-based endpoint detection and response (EDR) platforms improve and maintain your cybersecurity. Such platforms allow you to monitor and analyse events on different endpoints across your network, detecting and alerting you to potential cyber-threats and attacks. EDR solutions enhance overall network visibility and improve your business’ ability to prevent and respond to network threats both internal and external – such as unauthorised file changes and attempted login hacks.
You’ve got an idea of how to get started with strengthening your cloud security. But gaining expert insight from real industry specialists is always useful – and even more so when it’s free!
Book your free place at Cloud Security Live, hosted in Manchester and London this July.
Jam-packed with talks, panel discussions and workshops from cybersecurity specialists – including former director at the National Cyber Security Centre John Noble – the event will cover a range of topics including data protection, patching, cloud payments and much more!
Discover what’s on at Cloud Security Live 2020.