The increased use of cloud infrastructure, services and applications is creating a multitude of cloud security challenges for organisations.
In the second of our three-part series, we highlight the most common cloud security challenges.
1. Insecure migration to the cloud
When migrating infrastructure and services to the cloud it is vital to establish a clear strategy to avoid new security risks. As moving to the cloud can vastly widen the attack surface, it’s important to check whether current security controls will still be effective when migration is complete. Taking extra time to assess the risks is highly recommended for organisations that lack cloud security experience.
The risks of rushed and poorly planned cloud migrations have been highlighted throughout the COVID-19 crisis. In the move to adapt, companies have quickly adopted cloud services such as Office 365 and G Suite to support remote working. However, this shift has led to a rise in cyber-attacks. In a new survey, 79% of UK businesses reported an increase in phishing attacks since the start of the pandemic.
2. Securing hybrid and multi-cloud environments
While more organisations are moving to the cloud than ever before, a large proportion are opting to keep some data on-premises. A recent survey showed that 87% of enterprises have a hybrid cloud strategy while 93% of enterprises have a multi-cloud strategy.
Maintaining the security of hybrid and multi-cloud environments, particularly when data is shared between them, creates complexity and increases the need for dedicated expertise. As the structure of each cloud environment is different, a specialist knowledge of each platform is needed to best secure it.
3. Obtaining centralised threat visibility
Poor threat visibility is the inability to detect and respond to threats targeting different areas of an organisation’s estate. Threat visibility is vital in terms of helping to catch attacks early and shut them down before they result in serious damage.
As well as operating across multiple cloud environments, organisations are also using a large number of Software-as-a-Service (SaaS) applications. Without comprehensive cloud security monitoring, it may be impossible to know whether user accounts have been compromised and when users are attempting to access data and systems.
Some organisations may be using different tools to monitor each of their environments. Security teams can be left having to manage multiple technologies simultaneously, resulting in time wasted investigating disparate alerts which can often relate to the same incident.
In a survey of IT professionals, 87% of respondents expressed fears that a lack of cloud visibility was obscuring security threats to their organisation, with 95% stating visibility problems had led them to experience an application or network performance issue.
4. Preventing cloud security misconfigurations
Another common issue organisations experience is cloud security misconfigurations, which can often leave databases accessible to the public. Sensitive data stored in Amazon Web Services (AWS) S3 buckets and databases is only as secure as the configuration settings safeguarding it.
Research into the data breaches reported globally between January 2018 and December 2019 found that 196 separate data breaches were caused by cloud misconfigurations. The same research also revealed that breaches due to these types of misconfigurations cost companies around the world an estimated total of $5 trillion in 2018 and 2019.
The personal information of almost eight million UK shoppers on websites such as Amazon UK, PayPal and Shopify was recently released online as a result of a software vendor leaving a MongoDB database exposed without any authentication. The unsecured database was held on an AWS server owned by a third-party.
5. Identity and Access Management
Because the use of the cloud is adding to the cyber security risks faced by organisations, expert help in areas such as Identity and Access Management is essential. Without the appropriate technical knowledge around issues like Mandatory Access Control (MAC) and Discretionary Access Control (DAC), an organisation may fail to enforce a clear and strict hierarchy of permissions. This can lead to staff having access to highly sensitive data at a level which is inappropriate to their role.
Poor Identity and Access Management may also make cloud data breaches more likely due to employees gaining the ability to access and store data on personal devices. The Ponemon Institute’s 2018 Cost of Insider Threats study found that employee or contractor negligence was the cause of 64% of reported insider incidents.
6. Ensuring regulatory compliance
Migration to the cloud can create a variety of compliance challenges. To comply with the GDPR, for example, organisations which process the data of EU citizens must ensure that personal data is protected using appropriate technical or organisational measures to defend it against accidental loss, destruction or damage.
It is essential to ensure that data is safeguarded appropriately. While many companies mistakenly believe data security is the responsibility of cloud providers, this is not the case given their obligations under shared responsibility models.
When using cloud services it is also important to consider where data will be processed as doing this outside the country may be result in compliance failures. This is particularly true in light of the recent invalidation of the EU-US privacy shield.
7. Accessing cloud expertise
The global shortage of skilled cyber security specialists is well-recognised, exacerbating the challenges faced in cloud security. With system architecture so varied, the diversity of cloud security demands a wide mix of specialist expertise. A 2019 survey found that almost a third of organisations have identified a challenge with hiring staff with the appropriate skillset to manage converged infrastructures.
Achieving the cloud advantage
Cloud computing offers many advantages but, if not managed correctly, can present a variety of security-related risks. These could have a major impact on business reputation and customer trust, as well as an ability to comply with regulations and standards. Organisations shouldn’t be afraid to get the support they need to help address their challenges.
This is the second in a three-part cloud security series. For more information, here’s the first article.
Why choose Redscan?
Redscan is an award-winning provider of security services that help organisations to make lasting improvements to their cloud security posture.
ThreatDetect™, our Managed Detection and Response service, integrates experienced security professionals, the latest cutting-edge technologies and aggregated intelligence to swiftly identify, disrupt and remediate threats across networks, endpoints and cloud environments.