Staying Safe as Houses in the Cloud
Just 2% of UK businesses reported a security breach in their cloud services, yet security remains the top inhibitor to cloud adoption, according to the latest Cloud Industry Forum research. While the data shows that there’s no greater risk to security in the cloud than on any other platform, it clearly remains a significant concern for enterprises. In our blog on cloud security we highlighted the Infamous Five Security Threats. In this post, Onyx Security Consultant Andrew Waite provides valuable insight into best practice for each threat and how we keep our customers as safe as houses in the cloud.
- Data Breaches
Cloud computing has changed the nature of the hosting environment and re-framed some of the threats. However, the fundamental protections remain the same: a robust combination of anti-virus, firewalls, system hardening and other well-known security protections.
These complementary layers of protection cover both the technical and human aspects of the kill-chain and limit the risk of a single attack bypassing all required defences at the same time and compromising the system.
- Data Loss
A common mistake made by clients when first migrating to the cloud is to assume that the resilience and redundancy built into the CSP’s architecture will provide the same level of protection to the data on their hosted machines. Unfortunately this isn’t always the case. Indeed, the potential for recovering files that have been deleted in error can be reduced as a consequence of a cloud architecture that has been designed without addressing the risk of data loss.
Effective back-up programmes are just as critical in the cloud as they’ve ever been. The good news is that thanks to the benefits brought by the cloud, the typical cost of off-site and multi-site back-up protections is lower than it’s ever been.
- Account or Service Traffic Hijacking
Password attacks are one of the older threats in IT, but time and again they’re still an attacker’s favoured method of entry, indicating that passwords alone can’t be relied on.
Two-factor authentication (2FA) can significantly increase your resilience, protecting your systems, employees and clients. A by-product of managing account authorisation centrally is reduced administrative overheads for managing user accounts. In some cases the costs of 2FA can be offset completely against improved efficiencies.
- Insecure APIs
From authentication and access control to encryption and activity monitoring, interfaces must be designed to protect against both accidental and malicious attempts to circumvent policy.
Web application penetration testing allows cloud security consultants to identify weaknesses specific to your websites. This enables them to evaluate the potential harm that could be achieved and, crucially, how to remove the flaw before anything takes place.
- Denial Of Service
DoS and DDoS have always been difficult to address in business terms as it’s almost always more costly for a business to defend against a DoS attack than it is for the perpetrators to launch one. In-cloud Web Application Firewalls and DDoS protection have shown success, providing 100% uptime to client environments that would previously have been at risk under the same traffic patterns.
Protecting Your Network
With all protections, the key is to know which of your systems are most at risk and what the actual business impact of an outage would be. This enables defences to be tailored to your environment and security budget.
Book Your Security Assessment
Contact Onyx security consultants on 0800 970 9292 for an assessment to find out just how secure your network is, or download our white paper at www.onyx.net/media to hear how we keep networks like yours always secure.