Cyberattacks have become a prominent feature of the news headlines in recent years.
Only last week hackers targeted Twitter, PayPal and Spotify.
As more private and public sector organisations migrate their applications and data to the public cloud, security risk understandably remains a serious concern. No business wants to be taken offline, have its reputation damaged or customer data stolen because it hasn’t taken a comprehensive approach to cyber security. Understanding the threats is the first step towards minimising any potential risk.
- Compromised credentials and broken authentication
Data breaches and other attacks frequently result from lax authentication, weak passwords, and poor key or certificate management. Many companies struggle with identity management as they try to allocate permissions appropriate to the user’s job role. More importantly, they sometimes forget to remove user access when a job function changes or a user leaves the company.
Multifactor authentication systems such as one-time passwords, phone-based authentication, and smartcards protect public cloud services because they make it harder for attackers to log in with stolen passwords. Both Microsoft Azure and AWS offer MFA services. A user logging on to either platform will be prompted for their user name and password (the first factor—what they know), as well as for an authentication code from their AWS/Azure MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for both AWS & Azure account settings and resources.
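An added example, not from the original article: a Python check over an AWS IAM credential report that flags the two lapses described above, console users without MFA and credentials left active but unused (a sign that access was not removed after a role change or departure). The sample CSV is constructed, and the function name `audit` and the 90-day idle threshold are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the column layout of an AWS IAM credential report.
# Only the columns this check reads are included; real reports carry more
# (for example a second access key), which this example does not inspect.
SAMPLE_REPORT = """\
user,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_used_date
alice,true,2016-10-20T09:12:00+00:00,true,false,N/A
bob,true,2016-10-21T14:03:00+00:00,false,false,N/A
carol,true,2016-03-02T08:30:00+00:00,true,true,2016-02-11T10:00:00+00:00
ci-deploy,false,N/A,false,true,2016-10-24T23:59:00+00:00
"""

def _parse(ts):
    """Return an aware datetime, or None for values such as N/A."""
    try:
        return datetime.fromisoformat(ts)
    except ValueError:
        return None

def audit(report_csv, now, max_idle_days=90):
    """Map user -> findings: console login without MFA, idle active credentials."""
    cutoff = now - timedelta(days=max_idle_days)
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        issues = []
        console = row["password_enabled"] == "true"
        key = row["access_key_1_active"] == "true"
        # MFA only matters for identities that can sign in with a password.
        if console and row["mfa_active"] != "true":
            issues.append("console password without MFA")
        if console or key:
            # Most recent use across whichever credentials are still active.
            used = [_parse(row["password_last_used"]) if console else None,
                    _parse(row["access_key_1_last_used_date"]) if key else None]
            last = max((u for u in used if u), default=None)
            if last is None or last < cutoff:
                issues.append("active credentials idle > %d days" % max_idle_days)
        if issues:
            findings[row["user"]] = issues
    return findings

if __name__ == "__main__":
    today = datetime(2016, 10, 25, tzinfo=timezone.utc)  # constructed audit date
    for user, issues in audit(SAMPLE_REPORT, today).items():
        print(user, "->", "; ".join(issues))
```
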
- Data breaches
Public cloud environments face many of the same threats as traditional corporate networks, but due to the vast amount of data stored on cloud servers, providers become an attractive target.
Both Azure and AWS adopt a shared responsibility model. Certain aspects of security are the responsibility of the end customer, while other aspects are Microsoft’s or Amazon Web Services’ as the operator. The specifics of where the responsibilities divide are described here:
- Hacked interfaces and APIs
All the major public cloud services and applications now offer APIs. IT teams use interfaces and APIs to manage and interact with cloud services, including those that offer cloud provisioning, management, orchestration, and monitoring.
The security and availability of cloud services — from authentication and access control to encryption and activity monitoring — depend on the security of the API. Risk increases with third parties that rely on APIs and build on these interfaces, as organisations may need to expose more services and credentials as the first line of defence and detection. Threat modelling applications and systems, including data flows and architecture/design, become important parts of the development lifecycle. Both Microsoft Azure and AWS also recommend security-focused code reviews and rigorous penetration testing.
- Permanent data loss
As the public cloud has matured, reports of permanent data loss due to provider error have become extremely rare. But malicious hackers have been known to permanently delete cloud data to harm businesses, and of course public cloud data centres are as vulnerable to natural disasters as any facility.
Public cloud providers recommend distributing data and applications across multiple cloud zones for added protection. Adequate data backup measures are essential, as well as adhering to best practice for business continuity and disaster recovery.
- Infrastructure Protection
Both AWS and Microsoft Azure infrastructure include hardware, software, administrative and operations staff, and physical data centres. They address security risks across the infrastructure with continuous intrusion detection and prevention systems, Denial of Service attack prevention, regular penetration testing, and forensic tools that help identify and mitigate threats. With AWS and Microsoft Azure, customers can reduce the need to invest in these capabilities on their own while benefitting from the economies of scale that the two public cloud providers offer.
By James Pearse, Cloud Consultant, SystemsUp
SystemsUp is an AWS Advanced Cloud Consulting Partner and a Microsoft Gold Partner for Identity Access and Devices and Deployment. To find out how we work with customers to ensure their journey to the cloud is a secure one please contact us.