How to keep your data safe in the cloud
Limited Time Offer!
For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!
Source – theweek.com
Cloud storage and cloud computing are booming. Worldwide public cloud service revenues are expected to grow by 18.5 percent in 2017 to a whopping $260 billion — and there’s no reason to think that pace will slow down any time soon.
It’s not hard to see why business is booming. The cloud offers families a convenient way to store everything from pictures to documents, and provides individuals and businesses efficient new ways to work together, handle services such as payroll or online software, and share what they’re doing via remote networks of servers.
But there’s a catch. All that data collected in a shared space makes a prime target for hackers. And despite the clear risk, RedLock found in its recent Cloud Security Trends report that 81 percent of organizations are not doing enough to protect their cloud environments.
Here’s a quick look at how data in the cloud is vulnerable, what’s at stake, and how to reduce the risks.
What are some of the main threats?
A big risk is the dreaded data breach. Hackers can get access to personal information and credit card data that lives in the cloud, but, as Fahmida Y. Rashid notes in a rundown of cloud security threats at InfoWorld, “breaches involving health information, trade secrets, and intellectual property can be more devastating.” Bottom line, Rashid says: “The severity of the damage tends to depend on the sensitivity of the data exposed.”
Another danger is that hackers will flat out hijack accounts once they gain access. “Attackers can eavesdrop on activities, manipulate transactions, and modify data,” or even delete it, Rashid says. Hackers also can use the cloud application they’ve commandeered to launch more attacks, or use advanced persistent threats (APTs), a sort of cyber-parasite, to establish a presence in a system and “stealthily exfiltrate data and intellectual property over an extended period of time,” Rashid says.
This can lead to extensive damage to a company’s brand, lost data, or identity theft. Many companies use cloud-based payroll services, for example. If breached, this can be a “trove for cybercriminals,” says Michael Baer at the Bloomberg BNA Payroll Blog, citing representatives of several payroll-service providers.
How do the bad guys do it?
There are plenty of ways cloud services can be vulnerable. If an authorized user’s credentials fall into the wrong hands, or there’s a flaw in the authentication system, look out. The RedLock researchers found that administrative accounts for 38 percent of public cloud computing environments could have been compromised. If a cybercriminal gets hold of an authorized user or administrator, he or she can do a lot of damage before they’re found out.
System bugs can also give hackers an opening. When we access services in the cloud instead of on our own server, Rashid points out, we “share memory, databases, and other resources in close proximity to one another, creating new attack surfaces.” A flaw in the lines of code running an application can create a vulnerability a hacker can exploit. The RedLock report found that 53 percent of organizations using cloud storage services such as Amazon Simple Storage Service (Amazon S3) had goofed and left a service (or several of them) somehow exposed.
Another danger is mobile computing. “Almost 70 percent of the employee population accesses their corporate accounts with the help of their own mobile devices,” says Priya Viswanathan at Lifewire. “This could create a mobile security hazard for the enterprise concerned.” The security of any such interaction is only as secure as the device, the connection, and the user’s handling of his or her credentials allow.