Security in the cloud

An Initial Introduction to

Security in the Cloud

An Initial Introduction to Security in the Cloud

The reason there has been a huge shift to cloud is that it’s a lot simpler than on-premises in many different ways. With the cloud, there’s no hardware, and no need for around the clock monitoring. Cloud computing enables organizations to outsource data, applications or IT infrastructures and eliminates the need to operate their own servers and IT environments. But, at the same time, additional security risks arise due to the shared cloud environments, the services accessible via the public Internet, a possible loss of confidentiality, integrity and availability of data in the cloud environment.

Data protection is the key piece when speaking about cloud security especially when data is moved to a public or hybrid cloud and this task can no longer be strictly assigned to either the organization as the “data owner” or the cloud provider as “data host”. When using cloud services, customers are always at risk from the lack of separation of customer instances which can allow unauthorized individuals to view or manipulate third-party data because there is usually no physical separation of the instances in the cloud.

For example, due to legal regulations it may be necessary to delete data securely. In a cloud environment – where data, applications and the IT infrastructure is hosted by an external cloud provider – there might arise the risk that data will be deleted inadequately or incompletely. Since it’s hard for a company to track the location of the data storage the deletion process might not be transparent and thus, not fully understandable. Even after cancelling a cloud service, you cannot rely on the successful deletion of all data.

Securing Your Cloud Services and Cloud Environment

Cloud security is about securing your cloud services and your data hosted in cloud environments, and comprises a multitude of individual measures that protect against risks such as data loss, service failure or unauthorized access while using cloud services. A consistent implementation of cloud security will minimize the risk of failures, data loss, hacker attacks or unauthorized access to data by considering:

  • the access to the data
  • the physical security of the data center
  • the logical security of the servers
  • the security of the network structures and access
  • the security of the platform and the applications
  • Data security
  • the secure management of keys and access codes

How You Can Proactively Close Cloud Security Gaps

Apart from the security activities, your cloud provider should ensure there are a couple of things you can undertake yourself to keep your cloud data secure:

  • Encryption: First, make sure the data you upload to the cloud is stored only on encrypted media. Secondly you should ensure that it is encrypted and cannot be decrypted by unauthorized persons, including your cloud provider. Keep your encryption keys in-house to avoid unauthorized access. Thirdly, ensure data protection during transport (e.g. via HTTPS connections), especially if the cloud is accessed via insecure or public networks.
  • Endpoints: All devices that can access your cloud must be secure. Infected devices, for instance, will provide hackers access to your data even if servers and transmission paths are secured.
  • Authentication: Only employees who really need the data for their daily work should have access to the cloud. This requires a secure authentication process but better would be a two-factor authentication with a password and a security token. Password-only security policies are outdated since data is constantly breached. Also, ensure a strong Identity and Access Management (IAM) is in place so users only get the rights for the data sections they need and administration rights should be limited.
  • Data Backup: Make sure you always have an additional backup system in place, regardless of storing files or data bases. Data backup and storage in the cloud is often limited in time by the cloud providers. Additional backup solutions like BackupSimple can help you to always stay in control of your data.
  • Monitoring: An early-warning system and consistent monitoring helps you to recognize security gaps and incidents before they really damage your company.

Working with a cloud services provider provides a huge boost to your bottom line because infrastructure costs are no longer capitalized. On-premises security takes a lot of manual work which can tie up precious resources on activities not leading to business growth. Whichever cloud solution or platform you choose, they should be taking over those more administrative tasks and providing you with security that is perfectly tailored to your organization. Which, at the end of the day, is more reliable than an on-premise solution.

Let Us Assist You On Your Cloud Journey

If your organization uses Microsoft Azure or AWS, you should be looking for a cloud security solution that knows exactly how to build out your strategy. We have multiple years of cloud experience, so we know the product suite inside and out. This way, you’ll be able to lower your cloud spend and optimize your workload as securely as possible. Then you can put the focus back on yourselves through improved scalability, lower IT costs, and even more innovation.

Learn more

Managed Cloud Services

SoftwareONE’s Managed Cloud brings together the people, process and technology to optimize your cloud initiatives.

more

Gain Complete Control of Your Backup & Recovery Environment

Plan for a comprehensive and streamlined data recovery – centralizing all of your backup needs providing a single secure, scalable and resilient platform which you own.

more

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment

Author

Bala Sathunathan

Bala Sethunathan

Director, Security Practice & CISO

Cybersecurity

Related Articles

multilayer-edr-xdr-is-next

Multilayer EDR (XDR) is Next

Most organizations don’t want to work with EDR due to the huge number of alerts to manage. Cross-layer EDR (XDR) can be the solution. Find out how.

Resolving SAP Downtime & Visualization Challenges with PowerConnect & Splunk

Reduce SAP Downtime & Visualization of SAP Telemetry

It’s difficult to investigate failures in SAP to prevent them from happening in the future. Find out how to gain SAP intelligence via PowerConnect and Splunk.

Endpoint Security: What you need to know about "Next-Gen" EDR

"Next-Gen" EDR

Combining EDR and SIEM might be the ideal way of fighting cyber security risks. But why isn’t EDR enough? Learn more about the challenges of standalone EDR and how it differs from SIEM.