Many cloud service users mistakenly assume that cloud providers are responsible for securing cloud systems and, ultimately, the company data that resides on them. The attack techniques behind recent cloud computing breaches including VMware, Dropbox, Salesforce and Microsoft Azure (and more) vary; however, in combination these events have exposed millions of records and terabytes of sensitive customer data.
Cloud adoption means cloud computing providers are high value targets
In a survey this year, the Cloud Security Alliance (CSA) found that nearly 1/3 of organizations are struggling to manage cloud security. Even the highest levels of government are struggling: take the Pentagon, whose CIOs were reportedly reprimanded by the US Department of Defense Inspector General for running systems with unmitigated vulnerabilities and not properly reviewing documentation designed to ensure military cloud security.
Cloud computing providers work to ensure their systems are as robust as they can be, but sophisticated adversaries adapt quickly to find inroads to high value targets. In the race to cloud migration, recent cloud breaches raise a cautionary flag, a warning to reconsider potentially putting cloud security ownership in the providers’ hands.
Companies are migrating to cloud systems to manage hybrid work environments, and investing in those resources accordingly. One Gartner estimate suggests cloud spend will climb to $600 billion this year. According to a recent report, 97% of surveyed IT leaders intend to broaden cloud systems further, with the majority (72%) focusing on hybrid cloud.
Best practices and good cyber hygiene reign supreme
Ever-increasing cloud adoption drastically expands your company’s attack surface. Recent cloud provider attacks leveraged a variety of attack vectors including ransomware delivery via an unpatched server vulnerability (VMware), stolen credentials gained through phishing (Dropbox), and misconfigurations (Salesforce and Microsoft Azure).
A robust security stack helps, but if those systems don’t (or can’t) communicate with each other they can produce blind spots that put your data at greater risk of exploitation. The best defense against a mix of sophisticated and unsophisticated attack techniques is good cyber hygiene that’s rooted in security best practices.
Data protection practices for your cloud environment
Strong cyber hygiene includes applying the basics of data protection and tracking to your cloud environments. Here are 8 of the most important ones:
- Perform detailed assessments of your current cloud environment.
- Conduct regular audits and tests on cloud services to detect possible vulnerabilities before they become major issues.
- Establish regular backups on redundant storage locations and providers to keep data safe during unexpected outages.
- Monitor user activity so suspicious behavior can be identified quickly, and necessary measures taken accordingly.
- Train staff on proper usage of the cloud platform.
- Implement Quality Assurance processes throughout all elements of the system.
- Ensure each user has an individual account with restricted access rights.
- Monitor activity regularly using reports from your cybersecurity team or third-party service provider.
Data loss prevention (DLP) strategy includes your cloud environment
When it comes to data loss prevention, ensure that your existing DLP strategy extends to and captures cloud provider risks with these best practices in mind:
- Gain complete visibility into your company’s data and attack surface: use an automated data discovery and classification platform like Cavelo to build and maintain an inventory of sensitive data stored in cloud systems and classified by data type.
- Evaluate your internal capabilities, and whether you need more resources or new technologies to fill the gaps.
- Create a system for data classification.
- Ensure you only keep or retain data that you actually need.
- Establish company-wide policies for how to handle data.
- Implement different levels of authorization for employees.
- Measure the performance of your data loss prevention strategy, so you have the insights you need for continual improvement.
- Ensure your security stack allows you to access and manage data from popular cloud services like Office 365, Google Workspace, Salesforce, Dropbox and more with API connectors. This connectivity will ensure full visibility into all data across on-prem systems and cloud services, giving you an accurate picture of your organization’s attack surface and security risk.
These measures will improve cloud infrastructure security while also creating audit trails for identifying potential risks within your environment before critical incidents occur.