
Cloud Security – Solving Complex Environment’s Security

More Defense – Complex Security

Less Defense – Compromised Security

Right Defense – Effective Security

In today’s world, “Cloud” is the buzzword every organization recognizes, and more than 80% of organizations have migrated their critical applications from on-prem to the Cloud. Moving to the Cloud brings multiple benefits: an organization can select the most cost-effective architecture that delivers the required performance, reduces TCO, is easy to manage, flexible and scalable, and automates repeated tasks. Most organizations rely on multiple Cloud providers, whose services help customers set up their infrastructure in a short time with maximum availability. Gartner predicts that by 2023 the leading Cloud service providers will have a distributed ATM-like presence to serve a subset of their services.

Following this trend, every business will run on multiple technologies, each with its limitations, in what is today a hacker’s showground. Our major challenge therefore centers on “Security”. Multiple questions always come up in the minds of CIOs and CISOs: How secure is the business? What controls and processes has the organization put in place to keep the business running smoothly? How are the technologies placed, and how effective are they? If these technologies fail to ensure proper Security protection, Cloud services could ultimately result in higher cost and potential loss of business, eliminating all the potential benefits of Cloud technology. More Security implementations lead to complex environments, and less Security leads to compromise and loss of business.

The rate of Cloud adoption and usage will continue to rise. As more and more CIOs and CISOs remain concerned by rising IT infrastructure costs and the problems of delivering availability, Security and performance, adopting effective Cloud Security will become an expected step toward resolving these problems.

Effective Cloud Security

It took a while for enterprises to take these issues seriously, as the transition to the Cloud came with multiple challenges. Almost all organizations are intent on availability, and Cloud computing also emphasizes availability, with services available 24x7. But the availability of an organization’s data attracts many hackers, who attempt to survey the systems, learn the flaws and exploit them. A single vulnerability is all a hacker needs, and exploiting it can bring the business to an appalling situation.

In this landscape, business and technology leaders experience several major challenges.

Access Management

Organizations struggle to scrutinize access management because data is stored across multiple locations, and Security leaders must provide secure access to applications, resources and data whenever and wherever required. It is always advisable to adopt a Zero-Trust model, which can further reduce the risk of becoming the next breach victim. A recent example is the hotel giant Marriott, which suffered a data breach of more than 5.2 million user accounts in March 2020. The hackers obtained the login details of two employees and broke into the system.

How do we tackle Poor Access Management?

  • Centralized Access Management: Companies should focus on implementing centralized access management solutions, which include Single Sign-On and directories, and should establish rule-based access and remove orphaned accounts.
  • Identity Access Management (IAM): Implementing IAM is mandatory for Cloud services, and it serves as a foundational Security component in various environments. Identity-as-a-Service (IDaaS) is another effective solution, which addresses provisioning users to applications, password resets, user authentication, authorization, and identity access log monitoring and reporting.
  • Privilege Access Management (PAM): Deploying PAM makes it harder for hackers to obtain privileged account access, and it is used to secure, manage and monitor privileged access. It also gives good insight into privileged administrators and their activities.
  • Follow the Principle of Least Privilege (POLP): Limit access to the minimum necessary for an action to be performed. The more closely this is followed, the more unintentional, unwanted or improper uses of privilege are reduced.

Data Breaches

Data breaches and data leaks are a major concern. A breach means either that the organization has neglected some Cloud Security flaws, or that data was accessed without authorization because of misconfigurations. Hackers try to exploit these flaws, and once they gain access to critical data they can release it to the public, sell it on the black market or hold it for ransom. The most prominent recent data breach is the one affecting Zoom Meeting, the most popular video conferencing application, where over 5,00,000 Zoom accounts were sold on the dark web during the year 2020.

How do we control the Data Breach?

Cloud Security should always rely on a multi-layered approach that protects activities step by step. This approach includes:

  • Multi-Factor Authentication: The evidence of the user’s identity and access credentials must be established more reliably. Users should be prompted for two levels of authentication: typing a password, and receiving a notification on a mobile phone with a randomly generated code that is active for a limited time.
  • Encryption of Data at Rest, including Backups: Data such as logs, databases and any mission-critical data should be encrypted with a strong algorithm when stored. Care must also be taken to generate backups of all mission-critical data and to encrypt them when stored or in transit.
  • Multi-Layer Firewalls: It is always best to have multi-layered firewalls, which monitor traffic for both internal and external activity and block unauthorized traffic.
  • Data Classification: Every business should classify its data according to business requirements and label it appropriately.
  • Follow the Need-to-Know Principle: Implementing the need-to-know principle reduces data breaches. Not all users should be allowed to access all data, and there should be a valid reason or justification for accessing classified data.

DDoS Attacks

The majority of DDoS attacks aim at disrupting service availability and causing reputational damage and financial loss. Auto-scaling is one of the significant benefits of a Cloud environment, scaling up when resources are over-utilized, but that does not mean it can handle any unpredictable load; it can sometimes overload and stop functioning. Such an attack on the Cloud can be catastrophic to the business, leading to complete non-availability of applications and services and to the burden of over-utilization and its cost. According to NetScout Threat Intelligence, more than 8.4 million DDoS attacks were observed during the year 2019, amounting to 23000 attacks per day and 16 attacks per minute.

How do you prevent DDoS?

  • Anti-DDoS Protection: A top-rated Anti-DDoS solution protects against all types of DDoS attacks and absorbs multi-terabyte attacks. Nowadays, many service providers offer a SaaS-based model in which the customer need not worry about the infrastructure. It is just like plug and play.
  • Content Delivery Network (CDN): Subscribing to a CDN augments DDoS protection. CDNs cache a site either in advance or when an initial request is made. Attackers find it difficult to reach the origin servers because traffic must cross multiple tiers of intermediate servers.
  • Security Operations Center Monitoring: A dedicated SOC monitoring anomalies and suspicious traffic 24x7 results in better performance and availability of the services. Initiate rapid responses and actions whenever an attempt is identified.

Lack of Skills

The lack of skills in Cloud Security poses a greater risk and concern to the business, and finding the right talented professional is like finding a needle in a big haystack. The best way for organizations to eliminate this challenge is to invest in Cloud Security services training and certifications, along with awareness.

Lack of Cloud Security Architecture and Strategy

Many organizations have a framework for operating their business, but it is essential to also develop and implement a Security framework aligned with business goals and objectives. It is also advisable to choose the right defense for the environment’s complex Security based on the business requirements, which are the fundamentals for securely moving to, deploying in and operating in the Cloud. Last but not least, remember that the right blend of defensive implementations always results in effective Cloud Security.

To remain competitive, organizations around the world must embrace technologies, policies, processes, procedures and guidelines that enable the business to grow, perform and be more secure.

 
