Data security in cloud computing

Data breach implies the act of viewing, copying, stealing, and transmitting sensitive or confidential information, which may be disclosed publicly or taken for ransom. Although it's not a security threat specific to cloud computing, the increasing number of data breaches makes it a top concern for customers and companies moving to cloud services.

According to the Ponemon Institute's report, a data breach in the cloud leads to heavier and more costly consequences. For instance, if 100,000 or more customer records were stolen, the cost of a data breach could be as much as $5.32 million instead of an average cost of $2.37 million. The common data breach scenario is as follows: a cybercriminal manages to find weak spots in the security system and initiate an attack using technology or social engineering.

Technology attacks include using network or application flaws to install malware on one of the computers within a corporate network. Social engineering implies drawing access to the corporate network out of the employees, making them enter credentials into fishing forms or open malicious attachments. As soon as the cybercriminal gets into the system and extracts sensitive information, a data breach has officially ruined your reputation and brand image.

One of the main preventative techniques to this common security risk is good old multi-factor authentication. If besides providing a login and password, an employee has to enter a randomly generated temporary code, the risk of unauthorized access and a data breach decreases. Moreover, using advanced firewalls that monitor the system traffic can help you spot suspicious activities.

In addition, it's vital to resort to encryption at rest. Even if the encrypted data is stolen, no one will manage to use it without the encryption keys.

Finally, as the human remains the weakest spot in the cybersecurity strategy, it's crucial to carry out ongoing cybersecurity training that teaches employees to double-check email addresses from incoming emails, URLs of the website to enter their credentials, and attachments or links from unknown, suspicious sources.

Data loss is another cloud security threat, which is better prevented than cured. The top reason for data loss in the cloud is a technology failure (server crash or automated updates of data sets in SaaS applications, when new data can partially replace the older). User errors (unintentional deletion) and malicious attacks rank second.

It's of primary importance for security while using cloud services to have a data loss prevention policy. It should cover intrusion prevention systems, data loss prevention tools, endpoint protection, and more. Remember to conduct regular backups on the company level. Implementing data loss prevention software allows you to automate backups and secure critical data against human error, technology failure, or natural disaster.

Another cloud-computing security risk is credential theft. According to recent info, 12 million stolen corporate credentials have been placed for sale on at least 20 dark web marketplaces. Stealing cloud users' credentials allows cybercriminals to access corporate systems, assets, and data, which may lead to the above-mentioned data breach and loss. This incurs high financial and reputation losses, saying nothing of the customer churn it causes.

Put brute force attacks and phishing scams aside; there are much more sophisticated credential theft techniques today. They include social engineering techniques when a user is convinced that the request for their credentials is legal. There's also keystroke logging, which means surreptitiously recording any keystroke a user makes (i.e. login credentials) and saving the recording in an encrypted log file.

As increasing password length and complexity helps to ward off only yesteryear's brute force attacks, it's critical to enable multi-factor authentication via employees' mobile devices to secure their accounts. Secondly, introducing an IP location lockdown allows you to limit access to the cloud applications only from the office IP, or the IP's of employees that work remotely. Also, it's necessary to enhance access management of a cloud solution by, for instance, enabling user roles and permission sets that define what info can be viewed by a particular user. When each user has access to the info specific to his or her job role only, it reduces the chance of exposing other critical info to third parties.

Application programming interfaces (APIs) are used as an entry point to cloud applications either by company employees or by a company's clients via its web and mobile apps. Thus, insecure APIs pose significant security threats in cloud computing. If cybercriminals spot a vulnerability in an API, they may leverage it to perform successful attacks on the corporate cloud assets of numerous customers of the cloud services provider.

Penetration testing is crucial. It allows you to spot the weaknesses in the APIs and simulate the attack on a particular API's endpoints, thus trying to access the corporate systems. Annual penetration testing is a bare minimum to ensure API security. On top of that, it's advisable to perform regular IT security audits, to safeguard APIs along with other components of cloud IT infrastructure.

Finally, using Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols for data encryption allows for secure internet connection and safe transfer of personal data between cloud-based applications, with no chance for hackers to read it.

Although cloud applications are highly scalable and can successfully deal with the increasing workload, they may become unavailable under a DoS attack. DoS attacks are serious cloud computing security concerns aimed to make the system inaccessible to users due to its overload with superfluous requests. In addition to disrupting the system's operations and making it unusable, DoS attacks can be used to support other cybercriminal activities, e.g., disabling applications' firewalls.

Preventing this cloud computing security challenge requires a mix of tools for DoS attack detection, traffic classification, and response. The non-exhaustive list of security solutions includes firewalls, VPN, load balancing, anti-spam, and others. Having an intrusion prevention system (IPS) that works on content recognition allows you to spot suspicious traffic and warn against any threats ASAP. Additionally, a DoS defense system allows you to curb attacks with legitimate content, but harmful intention, efficiently managing protocol attacks and rate-based attacks.

Cloud computing has opened a whole world of scalable and efficient applications, along with more security risks and threats. Although we didn't disclose all the cloud security issues in this article, be sure that a lot more are to follow. Among them are achieving compliance on cloud-based solutions, staff that lack cloud experience, privacy, and vendor lock-in, to name but a few. It's a tall order for a company to manage these challenges by itself, so cloud services providers that cover security are the right people to come to in this regard.