Cloud security is about securing the cloud through a combination of procedures, policies and technologies. Scott Manson, Managing Director – Middle East & Turkey, McAfee, explains how businesses can properly secure the cloud.
If I had a dirham for every time I have heard a vendor say “secure the cloud”, I’d be a rich man! But what does that phrase really mean? On the surface it’s easy to assume this phrase means using cloud-enabled security products. However, it’s much more than that. Cloud security is about securing the cloud itself through a combination of procedures, policies and technologies that work together to protect the cloud – everything from the endpoint to the data to the environment itself. A cloud security strategy must be all-encompassing, based on how data is monitored and managed across the environment.
So, just how do IT security teams go about addressing common cloud challenges head-on, while at the same time establishing the right internal processes and adopting the necessary solutions in order to properly secure the cloud?
Cloud security’s top challenges
As we enter a post-shadow IT world, security teams are now tasked with understanding and addressing a new set of challenges – those that can stem from a complex, modern-day cloud architecture. As the use of cloud services grows, it is critical to understand how much data now lives in the cloud. In fact, according to the McAfee 2019 Cloud Adoption and Risk report, 21% of all files in the cloud contain sensitive data, up 17% over the past two years and sharing of sensitive data with an open, publicly accessible link has increased by 23% over the same time period.
It’s no wonder then that threats targeting the cloud are growing too: the average organisation experiences 31.3 cloud-related security incidents each month, a 27.7% increase over the same period last year.
Frequently impacted by data breaches and DDoS attacks, cloud technology is no stranger to cyberthreats. However, the technology is also impacted by challenges unique to its makeup – such as system vulnerabilities and insecure user interfaces (UIs) and application programming interfaces (APIs), which can all lead to data loss. Insecure UIs and APIs are top challenges for the cloud, as the security and availability of general cloud services depends on the security of these UIs and APIs. If they’re insecure, functionalities such as provisioning, management and monitoring can in turn be impacted. There are also bugs within cloud programmes that can be used to infiltrate and take control of the system, disrupt service operations and even steal data. The challenge then with data and workloads moving to the cloud is insufficient knowledge of developers on the evolution of cloud capabilities. Misconfigurations tends to be one of the major contributors of data leaks and data breaches as well, meaning cloud configuration assessment is another best practice that IT should own. Another major source of cloud data loss? Improper identity, credential and access management, which can enable unauthorised access to information via unprotected default installations.
Now that we have the bad news out the way, how about some good news? To combat these threats, there are a few standard best practices IT teams can focus on to secure the modern day cloud. First and foremost, IT should focus on controls and data management.
Security starts with process: Controls and data management
To start a cloud security strategy off on the right foot, the right controls for cloud architecture need to be in place. Cloud security controls provide protection against vulnerabilities and alleviate the impact of a malicious attack. By implementing the right set of controls, IT teams can establish a necessary baseline of measures, practices and guidelines for an environment. These controls can range from deterrent and corrective to preventative and protective.
In tandem with controls, IT teams need to establish a process or system for continually monitoring the flow of data, since insight into data and how it is managed is vital to the success of any cloud security strategy. A robust data loss prevention (DLP) tool can help organisations secure data by extending on-premises data loss prevention policies to the cloud for consistent DLP, protecting sensitive data wherever it lives, tracking user behaviour and more.
Solving for visibility, compliance and data protection
When it comes to securing data in the cloud, visibility and compliance must be top of the mind for IT teams as well. Teams need to gain visibility into the entirety of applications and services in use, as well as have proper insight into user activity to have a holistic view of an organisation’s existing security posture. They also need to be able to identify sensitive data in the cloud in order to ensure data residency and compliance requirements are met.
That’s precisely why IT teams need to adopt an effective cloud access security broker (CASB) solution that can help address visibility and compliance issues head-on. What’s more, this type of solution will also help with data security and threat protection by enforcing encryption, tokenisation and access control, as well as detecting and responding to all types of cyberthreats impacting the cloud.
Putting it all together
In an ever-changing threat landscape, implementation of the proper controls and data management, in combination with effective cloud security solutions like a cloud access security broker (CASB), is the key to a strong cloud security strategy. By taking into account and working to proactively protect the multitude of endpoints connected to the cloud, the amount of data stored in the cloud and the cloud environment itself, IT security teams can help ensure the cloud is secure.