What's Up In The Cloud? Security

Whiles our working habits drastically changed over a couple of years and the Cloud is now an essential tool for most businesses, it can also bring considerable cybersecurity risks and compliance issues. Previously, most workers would access their files, accounts, and company servers via their workplace and therefore be protected by enterprise firewalls and other security tools. The expanded use of cloud applications and our new hybrid work lifestyles enables anyone in an organization to access corporate applications, documents, and services from anywhere and therefore new tools are needed or needed to be upgraded.

In that context, we asked 3 questions to our Cloud Security Expert, Clément BETACORNE.?

Clément, what new threats appeared with Cloud Computing and hybrid work?

Based on recent studies*, the most important threat that appeared with Cloud Computing is "Insufficient Identity, Credential, Access and Key Management and Privileged Accounts".

Why is that?

Well, nowadays Corporate VPNs and cloud-based application suites are prime targets for hackers. Most of the time to get into a corporate network, an attacker only needs to get a hold of a user and password – by stealing them via a phishing email or using brute force attacks to breach simple passwords (8 characters with uppercase, lowercase, numbers, and symbols). Moreover, with the rise of hybrid work detecting an intruder and unauthorized access can be very difficult as the credentials would be real- people working from anywhere and at different time frames. If you add to that third-parties accessing your environment for maintenance or administration, the equation can be quite complex. That’s why a consensus has been reached (CSA, CISA, NIST, Microsoft, OpenGroup, etc…) regarding a zero strategy to assist companies in solving these challenges. Long story, short, if we take the CISA maturity level it is based on 5 pillars (Identity, Device, Network / Environment, Application workload & Data) - Identity is therefore part of it.

?“82% of data breaches are known to be possible involving a human element”

The SolarWinds hack should be a reminder that an assumed breach mentality is important when we design a solution. Attacks against cloud applications can be extremely damaging for victims as cyber criminals?can be on the network for weeks or months. It can lead to a large amount of sensitive corporate information being stolen. Or it could be an entry point for a ransomware attack. It is therefore very important for organizations to have the correct tools and practices in place to secure their cloud services.

Clément, what are the first steps an organization has to put in place to limit such threats?

One of the first two preventive steps would be to have cyber hygiene (which means patching your systems) and use multi-factor authentication to control user accounts based on risks or user behavior. Whether it’s a VPN, a remote desktop protocol (RDP) service, or an office application suite, employees should be using a multi-factor authentication (MFA) tool when a risky behavior is detected. According to Microsoft, MFA protects against 99.9% of fraudulent sign-in attempts. This will block unauthorized users and will also alert a company if they are targeted by malicious hackers. Cloud Security Posture Management tools can also be efficient to detect security weaknesses in cloud applications.

“According to Microsoft, MFA protects against 99.9% or fraudulent sign-in attempts”

Last, but not least, training and informing all Cloud users on regular basis on the threats and how to avoid them is key. 82% of data breaches are known to be possible involving a human element. So the more employees are informed, the lower the risks.

?Clément, any personal advice you want to add?

?It is very important in this new landscape to understand that cyber security should be based on risk and support the business. With a risk-based approach, organizations build customized controls to mitigate the company's vulnerabilities and increase the cost for an attacker to get what they want. But it is important to understand that the cost of the customized controls should be based on the value of the asset you are trying to protect. It distills top management’s risk-reduction targets into precise, pragmatic implementation programs with clear alignment from the board to all employees.?

#cybersecurity #cloudsecurity #cloudjourney #cloudexpert #cloudthreats #riskassessment #costoptimization

* source: Cloud Security Alliance

Clément Betacorne has over 10 years of experience in Security and Identity as well as in Access Management acquired in dozens of international organizations.