/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow Us/dq/media/post_banners/wp-content/uploads/2017/05/Security-Breach-Investigation.jpg)
By: Aniketh Jain CEO & Co-Founder, Solutions Infini
Every time a data breach or data compromise is seen, we invariably question how safe is our data? How do we avoid data breach? What measures need to be taken in case of data breach? Instead of waiting for a data breach situation, why not be prepared if such a situation does arise.
As more data and applications are moving to Cloud, Cloud computing is actively transforming the way enterprises store and share data, applications etc. With vast amounts of data being stored, keeping it secure, putting a plan in place becomes the need of the hour.
Types of Cloud
To secure data, understanding the types of Cloud is quite important- whether it is a Hybrid cloud, private or internal cloud (most commonly known as Corporate cloud), and Public cloud.
Before storing any data on Cloud, it is important to know the Cloud provider’s IT strategy, whether it is Hybrid cloud, private or shared, or Public. You need to know their cyber security strategy and how they plan to execute it in case of a data mishap.
How to secure Cloud?
According to Gartner, “the volume of public cloud utilization is growing rapidly, that inevitably leads to a greater body of sensitive stuff that is potentially at risk. We are in a cloud security transition period and Enterprises are spending huge amounts of time trying to figure out if any cloud service provider is ‘secure’ or not has virtually no payback.”
To secure Cloud, understanding the risks are quite essential. According to a survey conducted by Alert Logic, security risks were categorized as follows:
- Hybrid cloud environments experienced the highest average number of incidents per customer at 977, followed by hosted private cloud (684), on-premises data center (612), and public cloud (405).
- The most common type of incident was a web application attack (75%), followed by brute force attack (16%), recon (5%), and server-side ransomware (2%).
- The most common vectors for web application attacks were SQL (47.74%), Joomla (26.11%), Apache Struts (10.11%), and Magento (6.98%).
- WordPress was the most common brute force target at 41%, followed by MS SQL at 19%.
How to minimize these Cloud risks?
It is important to analyze the primary objective behind targeted security attacks and how to mitigate them accordingly.
Here’s top five Cloud security issues faced and how to minimize them:
1) Identify who is responsible for
The level of responsibility varies and not all Cloud services are same. SaaS providers make sure their data is protected, being transmitted and stored securely.
For example: The organization has complete control over its EC2, VPC instances, like operating system, managing applications, and protecting data. When it comes to S3, the organization can only manage data, access control and identify policies. The operating system and applications are managed by providers.
2) Restrict Access
Data breach happens when access is given to multiple people. This way the connection is left wide open, giving every machine the ability to connect.
Most Cloud providers offer identity and access control tools. When creating identity and access controls, it’s smart to set up minimal set of privileges and grant permissions on a temporary basis depending on the requirements.
3) Secure the credentials
Most Cloud providers use APIs. Make sure API key is not shared, hence sensitive data does not fall into wrong hands. Regularly rotate the API keys since a survey by RedLock found that 63% of users do not rotate keys thus allowing attackers to pose as privileged users and infiltrate data.
4) Encryption
Cloud providers offer encryption tools and services. Unfortunately, not many companies use them. It is the responsibility of the company to maintain access controls for these encryption keys. We at Solutions Infini follow 128-bit SSL encryption to safeguard data from vulnerabilities.
Let’s say even if a data breach does occur or if a security configuration fails allowing the data to fall into unauthorized people, it cannot be used due to Encryption. In a nutshell, Encryption shields your data.
5) MFA
MFA or Multi-factor authentication is commonly offered by Cloud providers nowadays. This gives an added layer of protection apart from username and password. This feature should be enabled and can thus restrict access. OTPs or One-time passwords that are accessible only for a specific duration also help in curbing data breach.
We at Solutions Infini have identified and implemented a process and methodology for addressing risk. Risk is the foundation on which Solutions Infini develops IT policies. We have identified area of risks and follow 100% compliance to ensure that there is no data breach. We ensure our employees’ hard drives and laptops are encrypted, in case of theft or unforeseen circumstances, thus ensuring that data cannot be used.
Organizations need to evolve toward a risk management and mitigation approach to information security. They should consider adopting a Cloud first strategy to encourage adoption of cloud services and put security operations in a proactive position to control data breach.