Cloud computing has brought many benefits to businesses by providing highly scalable data storage facilities and access to corporate information any time and from anywhere.
However, it also presents a range of risks to the enterprise. The loss of sensitive information, violations of existing regulatory controls, malware infections, insider threats and the hijacking of your accounts are just a handful of the threats facing businesses that work in the cloud. These issues are also exacerbated by the increase in remote working, where it can be difficult to implement the same level of governance as you enforce in the office.
Man in the Cloud (MITC) attacks, in particular, are a growing issue. In an MITC attack, a cyber criminal places a piece of malware on a user’s machine that compromises the synchronisation token used to sync your disparate devices in the cloud. This allows the attacker either to direct future synchronisation activity to an attacker-controlled account and intercept sensitive data, or to infiltrate your systems with more malware.
Because the code used to carry out MITC attacks is very simple and only modifies specific files or registry keys, MITC attacks are extremely difficult to detect.
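Because the attack touches only a small set of files, a content baseline of exactly those files gives defenders a signal they would otherwise miss. The sketch below is an added example, not part of the original article: it hashes a watch list of sync-client files and reports any that were created, deleted or modified since the baseline. The file names `sync_token.db` and `client.conf` are hypothetical placeholders for whatever your sync client actually stores, and the scenario in `demo()` is constructed.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def snapshot(paths):
    """Map each watched path to the SHA-256 of its content (None if absent)."""
    state = {}
    for p in map(Path, paths):
        state[str(p)] = hashlib.sha256(p.read_bytes()).hexdigest() if p.is_file() else None
    return state


def diff(baseline, current):
    """Return one finding for every watched file whose state changed."""
    findings = []
    for path, old in baseline.items():
        new = current.get(path)
        if old == new:
            continue
        if old is None:
            kind = "created"
        elif new is None:
            kind = "deleted"
        else:
            kind = "modified"
        findings.append({"path": path, "change": kind, "old": old, "new": new})
    return findings


def demo():
    """Constructed scenario: a token file is swapped after the baseline."""
    with tempfile.TemporaryDirectory() as d:
        token = Path(d) / "sync_token.db"   # hypothetical token store
        config = Path(d) / "client.conf"    # hypothetical client config
        token.write_bytes(b"token-for-corporate-account")
        config.write_text("account=corp\n")
        watched = [token, config]
        baseline = snapshot(watched)
        # Simulated unauthorised change: the token content is replaced.
        token.write_bytes(b"token-for-other-account")
        return diff(baseline, snapshot(watched))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

In practice the baseline would be stored off the endpoint and refreshed only after an approved re-link of the sync client, so that a legitimate token change does not mask a later unauthorised one.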
So, how can you increase your cloud security? Security and data integrity in the cloud are a shared responsibility and require many layers of protection and implementation to create a unified, system-wide, cloud security strategy. Here are seven tips to help you achieve this:
- Implement continuous end-to-end patrolling of your entire data centre
You need to build and maintain a secure network to detect, monitor and remediate any cyber threat. This point is particularly pertinent for cloud security where information is passed across the network regularly.
A firewall and the introduction of secure (non-vendor supplied) passwords are a solid first step towards this. You may also want to implement tools such as those provided by the Cisco Cloud Security Architecture to give you comprehensive coverage every time you and your staff access the cloud.
- Protect cardholder data
You need to encrypt, retain and destroy cardholder data, and protect it when it is in transit. It’s not just a “nice to have” but a legal necessity. Companies involved in card transactions must comply with the payment card industry data security standard (PCI DSS) and other data protection regulations.
However, more than 60 percent of small businesses that store credit card details and financial information of customers in the cloud are not following industry regulations to secure their cloud storage, research reveals.
- Maintain a vulnerability management program
Vulnerability management is the process of searching for and detecting weaknesses in your organisation’s network and infrastructure. You need to, for example, install antivirus software, run regular updates and scans, and develop and maintain secure systems and applications.
This can be a complex task for some organisations, as it requires them to keep track of the large volume of reports produced from ongoing security assessments, rank them in order of priority and take the appropriate action.
- Implement robust access control rules
You need to restrict internal access to sensitive data on a need-to-know basis by, for example, restricting access according to an individual’s role and responsibilities within your organisation. For card data, this is one of the requirements of the PCI DSS regulation.
The PCI DSS defines need-to-know as “when access rights are granted to only the least amount of data and privileges needed to perform a job.”
- Regularly monitor and test networks
Robust network security is paramount to cloud security, so you need to regularly test your security systems and processes. Combining strong testing practices with active monitoring, where you regularly test critical network components and identify vulnerabilities, will help to increase your cloud security.
This goes further than simply running a vulnerability management program (as outlined in step three). You may need to assess network components including your wireless access points, carry out penetration testing and deploy a change detection mechanism to alert personnel to any unauthorised changes on the network on (at the very least) an annual basis.
- Maintain a universal information security policy
An information security policy is the cornerstone of any network security program. Each policy will differ depending on the nature and scale of your business, but it is important to implement and maintain it for both employees and contractors.
Your policy should reflect your organisation's security objectives and complement your management strategy for securing data.
- Implement alerts that don’t waste your time
You need to detect, contain and mitigate any identified cyber threats or vulnerabilities. As such, it’s important to implement alerts that draw your attention to actual problems and give you the information you need to resolve those issues as swiftly as possible.
Cisco Stealthwatch Cloud, for example, only alerts users when a real threat is detected and gives you the relevant information to address this threat. So, you won’t waste time responding to false positives.