What to look for in a secure cloud system
Not all cloud products support the same level of security, so what should organisations be looking out for?
Over the last few years, the use of cloud computing has soared, and none more so than in 2020, when the global pandemic forced businesses to close their work spaces and organisations turned to the cloud to continue operating.
According to cloud consultancy HSO, 84% or organisations are now using cloud-based services, whereas five years ago, only half of businesses had embraced the cloud. And by the end of 2022, 90% of global organisations will be using a mix of hybrid-cloud and private cloud, a report by IDC states.
By adopting cloud services, many businesses have reaped the benefits of cost savings with the reduction of owned hardware, as well as the greater flexibility in how employees could work, with access to company files and data made easier via the internet.
However, with this shift in digital transformation, cyber criminals also took advantage of the new vulnerabilities of remote working, with 3.1 million attacks on cloud user accounts throughout 2020, an increase of 50% compared to the year before.
With the on-demand nature of cloud computing, data breaches, a lack of cloud security strategy, limited visibility and insufficient access management are top concerns for CIOs, and these are set to continue as more data and apps move to the cloud.
As with any technology, being aware of security threats and adopting the best practices and the systems to counter them is key to reaping the rewards while mitigating the risks. The evolution of cyber crime has propelled cloud security forward, with many cloud providers now making placing it at the front and centre of their offerings. With the best defences, tailored to the needs of the client, providers are working to ensure that customers’ data and environments are thoroughly protected.
However, not all cloud providers are created equal and not all security offerings will provide the same level of protection. This is because there is no one-size-fits-all solution - some organisations will need extremely tight access restrictions on everything, and others might need a more balanced, bespoke approach in order to operate properly.
To help you find the right solution for you, we’ve looked at four key things to consider when assessing your cloud security.
The first thing to check for in a cloud solution is the ability to share information across departments. This functionality is key for CIOs looking to transform their businesses by improving customer experiences and organisational agility, while also introducing new digital revenue streams.
Corporations run hundreds, and sometimes even thousands of interconnected applications to support their operations. Traditional solutions store information in many different places, so keeping those systems in sync is a challenging task.
True, multi-tenancy SaaS with human resource, finance and planning data stored in one application makes all of this much easier. This central design has many benefits, including all systems working from a common framework, so there are no inconsistencies in data. It also eradicates the disconnect between the system and its users; a problem prevalent in many legacy systems.
The secure cloud configuration imperative
The central role of cloud security posture managementWatch now
Consequently, overall security improves with a single version of the software that is continuously updated, scanned and patched. This is far better than working with multiple packages, and any security-related changes to the system architecture are relayed to all customers simultaneously. If a leading enterprise needs a stringent new security feature, it's available to an SMB as well.
Conversely, it's important to make access control a serious priority. The modern workforce comes paired with all sorts of different hardware, meaning a spread of data across more access points, increasing the likelihood of a vulnerability. By prioritising an access solution involving vetting applications used, specifying permissions and setting policies, the correct employees can access the tools they need in order to work efficiently.
In the old days, corporations relied on firewalls to protect information, believing that once the business had warded off outsiders, information was safe. Since hackers can attack systems at different levels, such thinking is now very outdated. Once hackers gain access to a system, they stay, often working their way from low-level to high-level security clearances and compromising sensitive information.
Encryption serves as one way firms can protect themselves. Typically, data is encrypted in transit, which is a first rather than last step. Once information enters the data centre, it's unencrypted and therefore vulnerable. To address this problem, organisations need to encrypt information at rest in a persistent data store.
Unfortunately, these systems are complex and difficult to implement, so cloud services built on legacy architectures rarely support the encryption of all customer data at rest.
With modern cloud architectures, a good cloud vendor will take on those responsibilities, especially if privacy and security are embedded into the system from the beginning.
Passwords serve as a marker to which technological advancement has long since surpassed, with the phrase ‘password safety’ itself quickly becoming an oxymoron; rather than assuring security, a password acting as the dominant user authentication method in accessing a computer or network should instead serve as a warning.
Passwords can be infiltrated by malicious software commonly available to hackers, making it easier and quicker than ever before for security perimeters to be breached. The scale of the problem is vast and well-known, with Google recently releasing figures that reveal 1.5% of password sign-in attempts include the use of compromised data.
Complex passwords have developed in an attempt to plug the security gap. Typically they consist of a randomised sequence of letters and digits, including special characters. However, faced with rapidly evolving malicious technology these do little to resolve the wider security issues present.
Fortunately, security technology has responded to pick up the slack. Single-sign-on (SSO) technology has developed into the user authentication method of choice for secure organisations, eliminating the need for regular passwords. SSO makes computers and networks more secure by allowing users to access multiple applications using just one set of login credentials by logging them into a central hub.
This allows administrators to more easily apply enhanced security controls and is a great convenience for users who no longer have to remember a plethora of passwords, with SSO thus paving the way towards a more positive user experience.
SSO comes with its own security risks, however. A hacker who gains control over a set of credentials will be granted access to each and every application integrated into an enterprises’ IT infrastructure. Therefore, it’s vital to couple SSO with identity governance to more readily authenticate users.
Support for third-party standards
Industry and government groups have designed various compliance frameworks to protect customer information, with increasingly tough regulations being introduced around the world. However, the specifications are only a starting point.
While assessing a solution, the various compliance standards and security implementations should be thoroughly examined. Is the service simply aligned with the standard or has the service been certified? How is the information stored? What level of encryption is supported? How are updates handled?
All cloud providers claim to have secure systems, but few offer the higher levels of protection needed for an enterprise's valuable data. Carefully examining a vendor's solution, however good it may seem on the surface, is the key to a compliant, breach-free cloud future.
2021 Thales access management index: Global edition
The challenges of trusted access in a cloud-first worldFree download
Transforming higher education for the digital era
The future is yoursFree download
Building a cloud-native, hybrid-multi cloud infrastructure
Get ready for hybrid-multi cloud databases, AI, and machine learning workloadsFree download
The next biggest shopping destination is the cloud
Know why retail businesses must move to the cloudFree Download