The cloud experienced a major surge in popularity in 2014, with more companies adopting the technology than ever before. Last year was also the worst year yet for data breaches, and while the cloud is becoming increasingly secure, some organizations still haven’t figured out the right way to protect their assets in the cloud.
“Many of the affected companies fell into a very common trap, often referred to as the ‘compliance = security’ mindset,” said CloudPassage CTO Amrit Williams. “This thinking concludes that if a company goes to the trouble to be legally compliant – compliant to any number of regulations, including HIPAA, PCI, etc. – then it will be effectively ‘secure.’ Unfortunately, nothing could be further from the truth.”
Below are five security tips Williams recommends for any enterprise looking to make its cloud environment more secure:
1) Compromise management
A big mistake many businesses make when it comes to cybersecurity is not having any procedures or policies in place for quickly remediating a data breach and mitigating the effects. Companies need to adopt a “not if but when” mentality towards malicious intrusions and prepare accordingly. In order to react to a breach, organizations first have to know they have been compromised, which requires putting the proper technology in place to identify malicious behavior. Tools like intrusion detection and file integrity monitoring can make a big difference for high-risk businesses.
2) Increase network monitoring
One of the best ways to improve security within an enterprise cloud environment is also one of the most obvious: visibility. In order to protect a company’s assets in the cloud, there first has to be visibility into the technological assets and services that need defending. IT security teams need to be able to see what applications and programs are being used, where they are and what they’re doing at all times. Once the IT department has gained an understanding of the layout of the cloud environment, it will be much easier to create a strategy to limit attack surfaces and improve prevention and mitigation techniques.
3) Reduce exposure to cybercrime
This takes visibility one step further and adds context to the equation. After an organization has gained transparency into its cloud infrastructure, it’s important to eliminate the apparent vulnerabilities and flaws within the network. Out-of-date workstations and software, unencrypted files or a lack of password protection are easy to spot and should be remediated immediately. Reducing the obvious risks from a network along with increasing monitoring and visibility can help dramatically reduce the threat of cyberattacks.
4) Data protection and encryption
Once an organization takes inventory of the programs hosted in its cloud environment, it’s important to take their security to the next level by adding encryption. Not all information has to be encrypted, as encryption makes data more difficult to access, but all files known to be sensitive – such as financial data, customer information and employee records – should be protected this way. Williams suggests companies look back at previous breaches they’ve suffered and what information was involved. Any targeted data should automatically be encrypted to secure it against another attack.
5) Strong access control
While most businesses already utilize access controls, many do so incorrectly. Oftentimes, users are given far more access than is necessary, which puts the entire network at risk. Recently, multiple breaches have been executed through the use of valid access IDs that were wholly unrelated to the user’s role within the organization. In many businesses, access is given based on an employee’s level within the company and not their actual function, creating multiple major vulnerabilities that could easily be fixed. In this instance, the concept of least privilege is essential, ensuring security is as tight as possible.
For overall enterprise cybersecurity, implementing a layered security approach is one of the most reliable ways to defend against data breaches and keep malicious actors away from privileged networks.