Thursday, 04 March 2021 11:50
Have you heard of stories where a C-level executive at an organisation mistakenly wire transfers a substantial amount of money to a lookalike but fake account? Or a situation where a company’s operations came to a complete halt for several days because of a data breach?

 

Cloud computing is rapidly maturing. In the last few years, it has become an essential component of an enterprise IT strategy. According to a Gartner report, cloud adoption is one of the fastest-growing IT spends across industries.

Cloud Security threats continue to increase

While cloud security adoption continues to increase both before and during the pandemic, security concerns show no signs of abating.

 

While there are several security concerns that cloud security users must address in the long run, here are three critical areas that must be given immediate attention, especially now as organisations are planning to scale their remote work setup.

 

  • Data Breaches and Loss
  • Data Security and privacy compliance violations
  • Disruption in Business continuity

Follow best practices to maximise cloud security

Cloud brings flexibility to the enterprise ecosystem, a feature that organisations need the most during the current situation. However, while adopting the cloud, organisations must also devise a robust security plan around its usage.

 

Here are 5 best practices for Cloud Security:

1. Identity and Access Control

The first phase of cloud computing security is to focus on understanding your current state and assessing risk

  • Identify sensitive or regulated data
  • Understand how sensitive data is being accessed and shared
  • Discover shadow IT (Unknown cloud use)
  • Audit configuration for infrastructure -as -a-service (IaaS) such as Azure
  • Uncover malicious user behavior

2. Create a Thorough Shared Responsibility Model

Organisations, while selecting a cloud partner, must evaluate the partner’s policies about shared security and understand what security aspects the partner will be handling. A thorough shared responsibility model provides clear responsibilities to both parties and prevents security incidents that otherwise happen due to oversights.

3. Apps and Data Security

You can strategically apply protection to your cloud services according to their level of risk. Here are several best practices for apps and data security:
  • Apply data protection policies
  • Encrypt sensitive data with your own keys
  • Set limitations on how data is shared
  • Stop data from moving to unmanaged devices you don’t know
  • Apply advanced malware protection to infrastructure-as-a-service (IaaS) such as Azure

4. Strengthen cloud Security Access Control Measures

 As unauthorised access to the cloud data is a persistent potential risk, organisations must deploy a high-quality identity and access management (IAM) solution to define and enforce access policies. Organisations also must consider multi-factor authentication and role-specific access to minimise risks of credentials compromise or data misuse.

As several users from different geographical regions access the cloud resources through various devices, especially when a large part of the workforce is working from home, organisations must continuously revisit and upgrade their user endpoints by implementing and updating firewalls, anti-malware, intrusion detection, access control and other measures.

5. Respond to Cloud Security Updates Like a Mad Man

As cloud services evolve, so do the challenges and threats you face by using them. Always stay on top of cloud provider feature updates that involve security, so you can adjust your policies accordingly. Security providers will adjust their threat intelligence and machine learning models to keep up as well. In the phases and best practices above, several key technologies can be used to accomplish each step, often working in conjunction with the native security features from cloud providers.

  • Cloud Access Security Broker (CASB): Protects data in the cloud through data loss prevention, access control, and user behavior analytics. CASB is additionally used to monitor IaaS configurations and discover shadow IT.
  • Cloud Workload Protection: Discovers workloads and containers, applies malware protection, and simplifies security management across IaaS environments.
  • Virtual Network Security: Scans network traffic moving in between the virtual instances held in IaaS environments, along with their entry and exit points.

COVID-19 and changes in the enterprise outlook towards cloud security

In the pre-COVID-19 world, enterprises often regarded cloud security as an additional layer on the existing infrastructure. However, when billions of people worldwide had to switch to a digital workspace almost overnight due to COVID-19, enterprises realised that security is not an additional layer atop the existing infrastructure, but a fundamental requirement that directly impacts workforce productivity and collaboration.