Seidor

24 August 2023

Cloud Security: an essential all-in-one strategy to protect data in the cloud

According to the latest research by Cybersecurity Insiders, 95% of organisations are concerned about the security of their cloud environments (cloud security), while one in four had a security incident in the cloud in the last 12 months. In fact, according to data from Gartner, this aspect will grow the most in terms of investment in 2023.

The concept of cloud security

The cloud security concept refers to the combination of technologies, methodologies, processes and policies for protecting infrastructure, systems and data in the cloud, which can be customised based on the specific requirements of the organisation.

In Spain, according to the Infoblox annual report, 47% of Spanish companies experienced a security incident in the cloud in 2022. This not only affects operations, but it can also have serious legal and financial repercussions. Last year, for example, Statista reported fines of up to $1.2 billion for giants such as Meta, WhatsApp and Google.

Beyond ensuring compliance, a proper cloud security strategy helps maintain business continuity. According to a recent survey by EMA, a consultancy specialising in data management, the average cost of unplanned downtime is $12,900 a minute, although the study shows that the cost varies depending on the size of the company.

Main challenges

The concept of cloud security doesn't invent anything new, but it does involve a significant change in how we view defending against attacks on data, applications and workloads. Below are some of the most important challenges.

  • Exposure of confidential data. According to a recent RPM survey, data exposure is the greatest cloud security concern among Spanish IT managers. Because of the nature of the cloud, anyone, from anywhere, with the right resources, can access any information. One common risk vector is storage buckets, which are often exposed through misconfiguration.
  • Loss of visibility of the infrastructure. As a general rule, corporate cloud networks offer access to data and services for hundreds or thousands of scattered devices, connected to different networks across different geographical areas. This complexity can result in a loss of visibility of the different elements of the infrastructure. Without the right processes and appropriate security management tools, technical managers may lose sight of who is using cloud services, from where and for what.
  • Shared responsibility. Defining and standardising how shared data are used and stored, and who is authorised to access them, is another key challenge. For example, if an employee involuntarily moves data that they shouldn't to a cloud service without authorisation, the company could be in violation of its contract with the provider, which could result in legal action.
  • Internal threats. The example mentioned in the point above shows that employees, contractors and partners can be one of the greatest security risks in the cloud. In fact, most internal incidents are due to a lack of training or negligence. The cloud increases the risks even more, since the organisation hands over control of its data to the cloud provider and introduces a new layer of internal threat, that of the provider's employees.
  • Configuration errors. The incorrect configuration of cloud services can make data publicly available, or expose them to tampering or even deletion. Failure to review default security settings and configuration errors in access management are problems that have to be dealt with every day. We should also note the security of APIs, which are a fundamental part of modern web, SaaS and mobile applications, since they provide a link between different infrastructures (local or cloud). An unsafe cloud API, however, provides a gateway to unauthorised access.
  • Compliance violations. Since the GDPR went into effect, guaranteeing regulatory compliance in the area of data protection has become a key aspect of cybersecurity, and therefore of cloud security. A company has to know where its data are, who has access to them, how they are processed and how they are protected. For the cloud, there are additional regulations that also affect providers.

Cloud security action frameworks

Although, as we said earlier, the concept of cloud security doesn't invent anything new, it does represent the best combination for achieving a solid foundation for protection. This includes:

  • Threat intelligence. Solutions such as intrusion detection and prevention systems (IDS/IPS) are the basis of any cloud security strategy. These threat intelligence tools are used to identify present and future threats. Obviously, the centralisation of information, access to external sources and continuous monitoring are basic requirements for mitigating and responding to attacks.
  • Identity and access control. Identity and access management (IAM) systems are essential to the security of cloud environments, combining multifactor authentication with ad hoc policies to control who has access to data and applications, what they can access and what they can do with the data. Normally, the provider will integrate its system with the customer's IAM, or use its own environment, but IAM is essential in any case, because it also affects regulatory compliance.
  • Encryption. Cloud infrastructures require the constant flow of data, either between the client's data centre and the cloud provider's platform, or between different providers. This flow is continuous and multidimensional (to or from the cloud, between clouds, etc.). Given this situation, data encryption is an essential layer of security in the cloud - in fact, it always has been - since it allows the data to stay protected at all times, whether in transit or at rest.
  • Physical security. As you might imagine, this aspect is equally essential, even if the data are in the cloud... or precisely because of it. The goal in this case is to avoid unauthorised access or attacks against hardware assets, from the user endpoints to the systems of the cloud provider. Particularly important here are networks that incorporate data from sensors, but also specific elements such as doors, uninterruptible power supplies, CCTV circuits, alarms, etc.
  • Pentesting/VDP. Penetration testing (pentesting) and vulnerability disclosure programs (VDP) are an increasingly common practice to maintain and improve cloud security by "attacking" the cloud infrastructure from within to identify weaknesses or potential exploitation vectors. Depending on the results, the organisation may take measures and establish suitable controls to mitigate the risks.
  • Workload segmentation. This consists of dividing the cloud infrastructure into different security segments. By isolating the various workloads (including at the user level), flexible security policies can be applied that provide a faster and more proactive response to prevent possible attacks or data breaches.

Benefits of implementing a cloud security strategy

Once the cloud security strategy is implemented, the organisation can have an integrated view of its assets in the cloud and their protection status, but this is not the only benefit. Here are some more:

  • Centralisation. Inherent to the concept of cloud security is the concept of centralisation. In the same way that cloud computing involves centralising applications and data, cloud security means centralising security on centralised platforms with advanced controls, alarms, connection to external sources, etc. This provides more options to recover from a disaster, and thus ensure business continuity.
  • Cost reduction. A reputable cloud service provider will offer built-in hardware and software dedicated to securing its data and applications 24 hours a day. This eliminates the need for the user to make a significant financial investment in its own configuration.
  • Reduced administrative load. As we already noted, the security of data in the cloud relies on a model of shared responsibility between the provider and the user, which is an advantage for the latter because it reduces the time and resources needed to manage this aspect.

The importance of having a trusted partner

A basic part of any cloud security strategy is identifying a suitable cloud service provider, and then implementing a strategy that combines the appropriate and necessary tools, processes, policies and practices.

In addition, having a specialised partner, with knowledge of the cloud and security that the company may not have, makes it possible to manage the shared responsibility correctly and fairly.

If your strategy relies on the cloud and you're concerned about the security and privacy of your company's data, contact us and let us advise you on how to implement the best cloud security strategy for your organisation.
