The cloud is changing security and you have to adapt fast

25.08.2022 1,223 2

Martin Deshev

Cloud computing is here to stay and it has already brought us a lot of changes not only for the IT industry. Our entire civilization felt one of the big benefits of the cloud during the early stages of the pandemic. It was thanks to the cloud that hundreds of millions of people were able to continue their work remotely, thus saving jobs and lessening the economic impact.

As such, a lot of companies “jumped” on the cloud bandwagon enabling this technology to enjoy a lot of attention and a healthy rise in revenues. That’s great, but as the cloud becomes ever more prevalent, it creates new challenges. Especially in the cybersecurity area. While the cloud is generally far more secure than a regular on-premises server, it’s not unbreakable. So, there are security challenges that arise from the prevalence of the cloud, and companies need to adapt to them fast. The good news is that most of the steps are relatively easy to deploy, but others will require a bit of extra effort.

State of the cloud

Despite the economic uncertainty, so far cloud spending remains strong, reports Protocol. The roundup for the second quarter, which ended on June 30th, 2022, shows good news for the cloud companies. The Microsoft cloud business netted a 25% growth. This one includes Azure, Office 365, Dynamics 365 and other services. The intelligent cloud revenue jumped 20%. Revenue for server products and cloud services grew 22%. Azure scored a 40% growth.

What’s important is that Microsoft sees an increase in larger and longer-term cloud commitments. This means more companies are investing more in the cloud and are getting longer contracts. It shows higher trust in the cloud and a desire to use it for longer.

Same with Google Cloud. For the first time, it surpassed $6 billion in quarterly revenue for a total jump of 35.61%. Unlike Azure though, Google Cloud reported an $858 million net loss. One obvious reason is the smaller market. Another is that Alphabet invests a lot in various technologies. “We’ll continue to invest in areas like AI, Search and cloud, and we’ll do it responsibly and in a way that is responsive to the current environment,” Alphabet CEO Sundar Pichai said.

According to Gartner, the spend on cloud providers will reach $178 billion in 2022. A significant increase compared to $141 billion in 2021. The cloud service providers have added a lot of value for clients. There are so many different tools, apps, features and various benefits from the cloud, that any and every business can find something that will be useful for them. And they do.

Clouds are fluffy, but security has to be thorny

The World Economic Forum though warns that the big transfer to the cloud brings cybersecurity challenges which require a focus shift. One reason for that is companies tend to think less about the security aspect of the cloud, since the majority of their data security is handled by the data center itself.

But there are some important differences. As more companies are going for multi-cloud and hybrid cloud setups, this requires more effort in security. Some providers give clients a lot of freedom to configure their own security policies, so, if your data gets breached, it’s your fault for not paying attention to these settings and configuring them properly.

Also, the cloud is increasingly fragmented. Providers employ more and more various workloads like microservers, virtual machines, containers, etc. This increases both security and complexity. The risk of misconfiguration is higher and thus you may expect that everything is done right, while in reality it isn’t. Sometimes something as simple as access control misconfiguration can bring big issues. For example, you might think you’ve provided accounting with access to the billing feature only, but did you check they actively don’t have access to other areas or modules?

Are you making regular monitoring checks to ensure the settings haven’t changed? Yes, this can happen for many reasons; someone may have made a mistake, or maybe there was an issue and someone reverted settings and didn’t check them afterwards. Or maybe there was an update which totally rearranged – or reset – the settings you had. The point is – always make regular checks that all settings are as you want them. It’s important as all of these workloads mean increased attack surface.

Top cloud security threats for 2022

Researchers at Analytics Insight have pinpointed the five top cloud security risks that companies need to pay attention to in 2022.

The first one is data loss. It turns out that 51% of firms have made at least one cloud storage solution publicly accessible. Also, 84% of enterprises say conventional security measures are not effective in the cloud. Sadly, a lot of companies still neglect backups, thinking ransomware can’t hit the cloud. While it is indeed more difficult, it’s not impossible and if it does happen and you don’t have a backup in place, losses can be significant.

The second risk is data breaches and data leaks. This one is similar to the previous, but there are some important differences. For example, hackers could get access to your cloud environment and instead of deleting data, they can simply copy it and leak it. In most cases, that’s what hackers look for when attacking a specific cloud customer. They want the data either for a competitor or simply to sell it on the dark web. This type of attack is also easier than ransomware when it comes to the cloud. That’s because all hackers need is to compromise the account of an employee with the right access level. Then they can get all the data they need without significant effort or traces.

The third risk is insecure APIs. The cloud thrives thanks in a large apart to APIs. They are key to interact and develop the various cloud features and services. A lot of APIs though are filled with security flaws. Sometimes they are “crazy” to think about in 2022, like storing passwords in plain text. Fixing those requires a lot of vigilance and effort.

The fourth risk is something we already touched upon – misconfigured cloud storage. Some cloud customers never change the default settings. While cloud providers tend to make the defaults as safe as they can, they can’t cover each and every customer’s actual needs. Nor they can enable all of the features, as then things might not work as expected for customers. That’s why it’s vital that each cloud customer sets enough time aside to explore all of the settings and configure them in accordance with their own needs.

And last, but not least – access management. We also touched on that, too. Spend time to make sure all employees have their proper access rights. There’s no need for DevOps to have access to billing forms. Or if/when that is needed, make it on a per-case basis and then revoke access as soon as it’s not needed anymore. Regular checks are also vital.

How to improve cloud security

Fortunately, there are plenty of ways for every cloud customer to increase the security of their environment. Again, the exact steps and choices will depend on the needs of each setup. But there are several aspects everyone has to consider, says TechTarget.

For example evaluation of encryption types and using the suitable ones for you. Encryption key management services and options along with backup capabilities, data lifecycle and archival. Next comes data storage monitoring and data loss prevention.

These are the aspects you absolutely should consider for your cloud security strategy and approach. Then you can finally start adding security features and improving the overall setup.

Step one: Add multifactor authentication for all users. Some providers offer such features built-in, while others allow you the freedom to add and set up additional security brokers which will take care of that.

Step two: Adapt the approach depending on what type of cloud setup and services you use. For SaaS you have to choose a service provider which has already invested in a high level of security and continues to do so. And of course, carry out regular reviews of reports.

For PaaS and IaaS environments, there are other specifics like the aforementioned encryption. Choose storage services which support at least 256-bit AES keys or more. Also, opt for ones that support key management standards like OASIS along with robust access and identity management features, policies and controls. Finally, pay attention to the logs. They can reveal a lot about your service usage without you even realizing it.

As you can see, the solutions are generally readily available. All you have to do is to first carefully consider your situation and needs. Then, simply choose the steps and solutions that you will need to achieve your goal. But remember, cybersecurity is not a one-time effort. The most important thing to remember is that security has to become a part of your daily operations. The regular monitoring, control, and research of new threats and solutions are the key to ensuring the maximum possible protection of your cloud.