Let's face it, it is nearly impossible to function as a business without employing a variety of cloud services. Your critical business information resides and depends upon systems outside of your facility and control. This presents both business and technical challenges, including how to adequately remain protected from cyber attacks.
What do we mean by cloud systems? They run the gamut, but most fall into one of the following categories.
Popular Types of Cloud Services
- Platforms (PaaS) like Microsoft Azure
- SaaS Productivity and collaboration tools like Microsoft 365
- SaaS business applications like CRM, Salesforce Automation, Accounting & Finance
- Task-specific SaaS tools for graphic design, engineering, etc.
Unique Challenges to Protecting Your Business and Your Data
While you must adapt your protection plans to cloud systems, cybersecurity fundamentals still apply. Good “hygiene” will go a long way toward keeping your systems, data, and business safe.
Your approach to security does need to be enhanced in some areas, however, due to a simple reality – cloud-based systems are easy to access. Their very connectedness (to the Internet) provides attackers with a means of launching their strikes.
Let’s look at 5 critical cloud security moves you should make:
1. Know What You Have
To start, you’ll need a thorough inventory of the cloud platforms and apps that are in use. For each tool, capture who in your company has an account, how they access it (company computers, mobile devices, home computers, etc.) and what information or other assets reside there.
There is also a unique characteristic of cloud solutions to consider – the responsibility for maintaining security is shared between you and the provider. The provider is responsible for the physical security of the data center and for properly separating your information from that of their other customers. Meanwhile, your company is responsible for everything else, including operating it in a secure way.
We elaborate on the importance of knowing what you have in our post All Cybersecurity Plans Start With This Step.
2. Require Multi-factor Authentication
Cyber criminals easily exploit public access to cloud systems, then automate deployment of malicious code to breach new accounts and databases, change security settings, and lock out legitimate users.
In a recent test, our security solution partner Sophos [sophos.com] monitored new accounts they set up at 10 popular PaaS datacenters. The startling results:
- Within two hours, all 10 suffered malicious login attempts
- Each device saw an average of 13 login attempts per minute
Source: Exposed: Cyberattacks on Cloud Honeypots [sophos.com]
You and your organization need to expect sophisticated, automated attacks on your cloud-based accounts. Use multi-factor authentication (MFA) and strong passwords to provide layers of protection.
3. Use Different Accounts for Administration and Daily Work
In the rush to enjoy the productivity boost offered by a cloud system, you may be tempted to go through the setup process and configure access from what would become an end user account. Or you may whiz through the user setup process without slowing down to tailor security settings to only the level of access the user will require.
Instead, take the time to isolate administrative-level access to an account that will be used only for that purpose, and establish any user accounts with the rights required for that person to perform their work, and nothing more. That way, if a user account is compromised, the attacker will be limited in the damage they can inflict.
4. Leverage Automation
Computers are amazing machines. They have the ability to “remember” volumes and volumes of detail for which we generally have little need. In the event of a breach, however, “fingerprints” of a cyber attacker’s presence are likely present in the system somewhere.
Logins from locations where you don’t have any employees, the sudden appearance of new files, infected directories… the signs are there, but we humans are ill-equipped to find them.
Good cybersecurity practice includes automated analysis of access logs, event logs, and system transactions to identify trends and minor intrusions. Imagine poring through 4 million login events to find the one that is malicious. Automated tools are the way to go.
Once tools identify anomalies, people can step in with context to evaluate them. In that sense, automation acts as a “filter” to focus attention.
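As an added illustration of the filtering described above (not code from the original post), this Python example scans constructed login events and returns only two kinds of finding for a person to review: successful logins from countries where no staff work, and per-minute bursts of failed logins against one account. The log format, the country allowlist and the threshold are assumptions made for the example.

```python
from collections import Counter
from datetime import datetime

# Assumptions (not from the article): countries where staff work, and the
# per-minute failure count that is worth a human look.
EMPLOYEE_COUNTRIES = {"US", "CA"}
FAILURES_PER_MINUTE = 10

# Constructed sample events: "<ISO time> <account> <country> <outcome>".
SAMPLE_LOG = [
    "2024-05-01T09:00:05 alice US success",
    "2024-05-01T09:03:41 bob CA failure",
    "2024-05-01T09:03:55 bob CA success",
    "2024-05-01T11:20:09 carol VN success",
] + [f"2024-05-01T02:14:{s:02d} admin BR failure" for s in range(0, 52, 4)]


def parse(line):
    """Split one log line into (minute bucket, account, country, outcome)."""
    stamp, account, country, outcome = line.split()
    minute = datetime.fromisoformat(stamp).replace(second=0)
    return minute, account, country, outcome


def review_queue(lines):
    """Return the short list of findings a person should evaluate."""
    findings = []
    failures = Counter()
    for line in lines:
        minute, account, country, outcome = parse(line)
        if outcome == "failure":
            failures[(account, minute)] += 1
        elif country not in EMPLOYEE_COUNTRIES:
            # A successful login from a place with no staff.
            findings.append(("unexpected-location", account, country))
    for (account, minute), count in failures.items():
        if count >= FAILURES_PER_MINUTE:
            findings.append(("failure-burst", account, f"{count} at {minute:%H:%M}"))
    return findings


if __name__ == "__main__":
    for finding in review_queue(SAMPLE_LOG):
        print(finding)
```

Seventeen events go in and two findings come out; the single mistyped password from an expected location is left out of the queue.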
5. Train Your People
As you are aware, and statistics repeatedly prove, cyber criminals are only getting more active, driven by the success they are realizing. The vast majority of breaches could have been prevented by astute end user behavior or more stringent IT policies that dictate user account control.
Yes, employees may complain about the hassle of MFA and strong passwords, but those are small prices to pay compared to a business-crippling breach. Prioritize security and conduct regular training. It’s the only way to achieve the diligence and consistency you need from your employees.
Good “cyber hygiene” is as important to protecting your cloud applications and data as it is to your on-premises systems. It’s not a matter of if your cloud accounts will be attacked; it’s simply a matter of whether or not the attacks will be successful.
Make these 5 moves. Be thorough and consistent. If you do, you stand a much better chance of continuing to operate securely in the cloud.