World Cloud Security Day is an annual reminder of the importance of protecting your digital assets in the cloud. With more and more organisations relying on cloud services to store and process their data, it’s crucial to ensure that the data is secure and protected from cyber threats.

We spoke to Jaco Nel, CTO at Deimos, who shed some light on the reasons why businesses should prioritise cloud security and how they can achieve it.

1. Why is cloud security becoming more critical every day and how does it affect businesses?

Cloud security is becoming more critical every day because of the increasing amount of sensitive data that businesses store and process in the cloud. This is driven by multiple factors, one of which is the rise of remote and hybrid work. The COVID-19 pandemic has accelerated the adoption of remote work, resulting in more businesses needing to adopt cloud-based applications and services.

Alongside the increased adoption of cloud-based solutions, cyber threats are becoming more sophisticated, and criminals (hackers) are constantly developing new techniques to exploit vulnerabilities in cloud-based systems and applications.

We are also seeing countries adopt stronger data protection regulations, such as GDPR, HIPAA and POPIA.

Lastly, I would like to touch on business continuity. Cloud-based systems and applications are critical to business operations, and any disruption or downtime can have a significant impact on business continuity, revenue and reputation. Failure to implement adequate cloud security measures can result in data breaches, financial losses, reputational damage, and legal liabilities.

2. What are some of the best practices for cloud security?

A great place to start would be with Identity and Access Management. Ensuring that you follow the principle of least privilege. The principle of least privilege means giving users or systems only the minimum access privileges necessary to perform their required tasks. Oftentimes, access is gained to your cloud, and thus to your data, through misconfigured identity and access.

Ensure that your data is encrypted, not just at rest, but also in transit. Encryption of data at rest means protecting data that is stored on a device or system by encoding it so that it can only be accessed by authorised users, whereas encryption of data in transit means protecting data that is being transmitted between devices or systems by encoding it so that it can only be read by authorised parties and not intercepted by hackers.

Make sure to keep a record of changes and activity in your cloud account by using an audit log. This allows you to see what’s happening in your account and identify any unusual or suspicious behaviour. It’s also a good way to review security incidents and make improvements to your security strategy.

When deploying systems to the cloud, it’s important to minimise your public footprint to reduce the attack surface for potential threats. This means limiting the amount of information that is publicly available about your cloud assets, such as IP addresses, domain names, and service endpoints. By doing so, you can reduce the risk of malicious actors identifying and targeting your systems for attack. It’s also important to implement strong authentication and access controls, regularly patch and update your systems, and monitor for unusual or suspicious activity.

When, and where possible, align your security strategy with industry standards such as the Center for Internet Security (CIS) Controls, ISO, and NIST Cybersecurity Framework. This is especially useful for smaller teams who may not have the budget or expertise to devise their own security strategy.

To round things off, it’s crucial to cultivate a strong security mindset within your organisation. This begins at the top, with your executive team understanding the significance of security and the risks that come with it. Security should be a priority from the highest levels of the company, and a budget should be allocated to assess your risk tolerance and create and execute an effective security strategy.

3. Discuss some of the most common security threats that organisations face in the cloud.

Let’s start with an old faithful: Phishing. Phishing attacks are generally considered to be a dated security threat, however, even security veterans such as Cisco have recently been breached using a phishing attack. Phishing attacks are getting more and more sophisticated, and in the context of the cloud, are usually used to gain access to your business systems, and cloud resources.

Malware is a type of security attack that can put your cloud resources at risk. It can be installed on an employee’s personal computer, which may have access to your cloud services or user accounts. The malware can then steal the keys that are used to protect these accounts, giving the attacker unauthorised access to your valuable resources.

Distributed Denial of Service (DDoS) attacks are quite typical in the cloud industry. This is a type of cyberattack that involves flooding a network or system with traffic in order to disrupt its normal operations. In cloud computing, DDoS attacks can target cloud-based services, making them inaccessible to users, thus preventing your business from operating efficiently, or operating at all.

Misconfigured cloud resources, such as storage buckets or databases, can expose sensitive data to unauthorised access or theft. Misconfigurations can occur due to human error or poor security practices. Misconfiguration can come in multiple shapes and sizes, and can be an extreme security risk. Misconfiguration can lead to unauthorised access to your cloud resources, the breach of user data, or a take over of your cloud resource.

4. Discuss the responsibility of cloud service providers to ensure the security of their customers’ data and what measures they take to protect against cyber threats.

When it comes to cloud security, the responsibility of the service provider depends on the type of service being used. For Infrastructure as a service (IaaS), the majority of the security responsibility lies with the customer, while for Platform as a service (PaaS) it is a shared responsibility, and for Software as a service (SaaS) the cloud provider provides the most security coverage. Cloud providers implement industry standard security mechanisms and practices to secure the overall cloud platform, but customers are responsible for securing what is running on their instances.

It is important for organisations to understand the responsibility model of their cloud provider to determine what security measures are being taken and what is their own responsibility.

 

Conclusion

World Cloud Security Day is an important reminder to take cloud security seriously. By following best practices and staying informed about the latest threats and trends, you can keep your digital assets safe and secure in the cloud. Remember, when it comes to cloud security, an ounce of prevention is worth a pound of cure. To ensure your cloud security is in line with best practice industry standards, get a cloud security assessment here.