Security is a major concern in cloud computing. Data in the cloud should be stored in encrypted form. To restrict clients from accessing shared data directly, proxy and brokerage services should be employed.
Cloud security refers to a broad set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services, and the associated infrastructure of cloud computing.
Cloud Security Challenges
With the cloud model, you lose control over physical security. In a public cloud, you are sharing computing resources with other companies. In a shared pool outside the enterprise, you don’t have any knowledge or control of where the resources run. Exposing your data in an environment shared with other companies could give the government “reasonable cause” to seize your assets because another company has violated the law. Simply sharing the environment in the cloud may put your data at risk of seizure.
1. Data breaches
- A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, information leakage, and data spill.
- Traditionally, IT professionals have had great control over the network infrastructure and physical hardware (firewalls, etc.) securing proprietary data.
- In the cloud (in all scenarios, including private cloud, public cloud, and hybrid cloud situations), some of those security controls are relinquished (given up, voluntarily ceased to be kept or claimed) to a trusted partner, meaning cloud infrastructure can increase security risks.
- Choosing the right vendor, with a strong record of implementing strong security measures, is vital to overcoming this challenge.
Consequences of a data breach may include:
- Impact to reputation and trust of customers or partners
- Loss of intellectual property (IP) to competitors, which may impact product releases
- Regulatory implications that may result in monetary loss
- Brand impact which may cause a market value decrease due to previously listed reasons
- Legal and contractual liabilities
- Financial expenses incurred due to incident response and forensics
2. DDoS and Denial-of-Service Attacks
- As more and more businesses and operations move to the cloud, cloud providers are becoming a bigger target for malicious attacks.
- Distributed denial of service (DDoS) attacks are more common than ever before.
- Verisign reported that IT services, cloud platforms (PaaS) and SaaS were the most frequently targeted industry during the first quarter of 2015.
- A DDoS attack is designed to overwhelm website servers so they can no longer respond to legitimate user requests.
- If a DDoS attack is successful, it renders a website useless for hours, or even days. This can result in a loss of revenue, customer trust and brand authority.
- Complementing cloud services with DDoS protection is no longer just a good idea for the enterprise; it’s a necessity.
- Websites and web-based applications are core components of 21st century business and require state-of-the-art cybersecurity.
3. Lack of Cloud Security Architecture and Strategy
- Worldwide, organizations are migrating portions of their IT infrastructure to public clouds.
- One of the biggest challenges during this transition is the implementation of appropriate security architecture to withstand cyber attacks.
- Unfortunately, this process is still a mystery for many organizations.
- Data are exposed to different threats when organizations assume that cloud migration is a “lift-and-shift” endeavor of simply porting their existing IT stack and security controls to a cloud environment.
- A lack of understanding of the shared security responsibility model is another contributing factor.
4. Insecure access control points
- One of the great benefits of the cloud is it can be accessed from anywhere and from any device. But, what if the interfaces and particularly the application programming interfaces (APIs) users interact with aren’t secure?
- Cloud computing providers expose a set of software user interfaces (UIs) and APIs to allow customers to manage and interact with cloud services.
- The security and availability of general cloud services are dependent on the security of these APIs.
- From authentication and access control to encryption and activity monitoring, these interfaces must be designed to protect against both accidental and malicious attempts to circumvent the security policy.
- Poorly designed APIs could lead to misuse or—even worse—a data breach. Broken, exposed, or hacked APIs have caused some major data breaches.
- Organizations must understand the security requirements around designing and presenting these interfaces on the internet.
- Hackers can find and gain access to these types of vulnerabilities and exploit authentication via APIs if given enough time.
A behavioral web application firewall examines HTTP requests to a website to ensure they are legitimate traffic. This always-on device helps protect web applications and APIs from security breaches within cloud environments and data centers that are not on-premises.
5. Notifications and alerts
- Awareness and proper communication of security threats is a cornerstone of network security and the same goes for cloud computing security.
- Alerting the appropriate website or application managers as soon as a threat is identified should be part of a thorough data security and access management plan.
- Speedy mitigation of a threat relies on clear and prompt communication so that steps can be taken by the proper entities and the impact of the threat minimized.
6. Insufficient Identity, Credential, Access and Key Management
Cloud computing introduces multiple changes to traditional internal system management practices related to identity and access management (IAM). It isn’t that these are necessarily new issues. Rather, they are more significant issues when dealing with the cloud because cloud computing profoundly impacts identity, credential and access management. In both public and private cloud settings, CSPs and cloud consumers are required to manage IAM without compromising security.
7. Account Hijacking
- Account hijacking is a threat in which malicious attackers gain access to and abuse accounts that are highly privileged or sensitive.
- In cloud environments, the accounts with the highest risks are cloud service accounts or subscriptions.
- Phishing attacks, exploitation of cloud-based systems, or stolen credentials can compromise these accounts.
8. Limited Cloud Usage Visibility
Limited cloud usage visibility occurs when an organization does not possess the ability to visualize and analyze whether cloud service use within the organization is safe or malicious.
This concept is broken down into two key challenges.
Unsanctioned app use: This occurs when employees are using cloud applications and resources without the specific permission and support of corporate IT and security. This scenario results in a self-support model called Shadow IT. When insecure cloud services activity does not meet corporate guidelines, this behavior is risky, especially when paired with sensitive corporate data. Gartner predicts that by 2020, one-third of all successful security attacks on companies will come through shadow IT systems and resources.
Sanctioned app misuse: Organizations are often unable to analyze how their approved applications are being leveraged by insiders who use a sanctioned app. Frequently, this use occurs without the explicit permission of the company, or is carried out by external threat actors who target the service using methods such as credential theft, Structured Query Language (SQL) injection, Domain Name System (DNS) attacks and more.
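One way to get a first view of both challenges above is to summarise egress proxy logs against the list of approved services. The following is an added example, not code from the original post; the log format, host names, approved list and upload threshold are all constructed assumptions.

```python
from collections import defaultdict

# Assumption: the organisation's approved cloud services (constructed list).
SANCTIONED = {"storage.corp-approved.example", "mail.corp-approved.example"}
UPLOAD_LIMIT = 50_000_000  # assumed per-user upload threshold in bytes

# Constructed egress proxy log, one request per line: "user method host bytes_sent"
SAMPLE_LOG = """\
alice PUT storage.corp-approved.example 1200000
bob POST files.unknown-share.example 730000
bob POST files.unknown-share.example 910000
carol PUT storage.corp-approved.example 98000000
dave GET notes.unvetted-app.example 0
malformed line
"""

def parse(log):
    """Yield (user, host, bytes_sent); skip lines that do not parse."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue
        user, _method, host, sent = parts
        yield user, host.lower().rstrip("."), int(sent)

def usage_report(log, sanctioned=SANCTIONED, limit=UPLOAD_LIMIT):
    """Return (unsanctioned, misuse).

    unsanctioned: {host: {user: bytes}} for hosts not on the approved list.
    misuse: {user: bytes} for approved hosts where uploads exceed the limit.
    """
    unsanctioned = defaultdict(lambda: defaultdict(int))
    approved_bytes = defaultdict(int)
    for user, host, sent in parse(log):
        if host in sanctioned:
            approved_bytes[user] += sent
        else:
            unsanctioned[host][user] += sent
    misuse = {u: b for u, b in approved_bytes.items() if b > limit}
    return {h: dict(u) for h, u in unsanctioned.items()}, misuse

if __name__ == "__main__":
    shadow, misuse = usage_report(SAMPLE_LOG)
    for host, users in sorted(shadow.items()):
        print("unsanctioned:", host, users)
    for user, sent in sorted(misuse.items()):
        print("review sanctioned-app volume:", user, sent)
```

A volume threshold on approved services is only a coarse signal for sanctioned app misuse; it marks accounts for review rather than proving abuse.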