IBM News

IBM Expands Cloud Pak for Data with New DataOps Enhancements to Help Clients Get their Data Ready for AI

NEW YORK, Sept. 10, 2019 /PRNewswire/ -- IBM (NYSE: IBM) today announced enhancements to Cloud Pak for Data that leverage the DataOps methodology to help clients get their data 'business-ready' for AI. As corporate data continues to grow in both volume and complexity – often of mixed structures and types and
/
Intel Technology Propels Olympic Games Tokyo 2020 into the Future

Intel Technology Propels Olympic Games Tokyo 2020 into the Future

TOKYO, Sept. 11, 2019 — Today, Intel announced that it is partnering with the International Olympic Committee (IOC), the Tokyo Organizing Committee of the Olympic Games (Tokyo 2020) and a broad array of partners to drive the future of the Olympic Games Tokyo 2020 with
/
Chris Gervais

How to Avoid Becoming Another Cloud Security Statistic

Cloud Security Statistic

Last year, Gartner predicted that, by 2020, 95 percent of all cloud security failures will be caused by user error. This means that organizations, rather than service providers, are much more likely to be responsible for issues, and therefore need to be extra diligent when it comes to securing and configuring environments.

Fortunately, there are ways to avoid becoming another statistic. By following the advice below, you’ll be able to minimize cloud security risks:

Put Your Trust in the Cloud

Security

Not long ago, many people questioned how they would be able to trust such an enigmatic entity. How were enterprise organizations who kept their data privately secured on-premises supposed to rely on cloud providers to keep their data secure and their applications safe?

Flash forward to present day: Organizations choose cloud platforms like AWS, Azure and Google Cloud Platform because they rarely face downtime and have a wealth of talented infrastructure engineers that develop and deploy best security practices.

One of the common misconceptions surrounding cloud platforms is that these platforms are solely responsible for customer’s’ security needs. Because of this misconception, many companies aren’t paying enough attention to how their employees use external applications, which can lead to employees inadvertently sharing sensitive data with third parties, other employees, or the whole internet.

Regardless of how secure your cloud platform is, without the proper controls, user education and protocols in place, there is no way to guarantee that your data is safe from malicious actors.

Share Responsibility, Avoid Mistakes

Cloud security is based on a shared responsibility model: a framework that states cloud providers are responsible for the security of the cloud itself, while users are responsible for securing the data and applications in the cloud.

AWS, Azure and the Google Cloud Platform each have their own versions of the model, detailing what the platforms securely cover and what the customer needs to maintain itself. In order to make sure you’re upholding your end of the model, and adhering to cloud security best practices, it’s important to start with having visibility into your cloud environment. With complete visibility, you’ll be able to collect data that can be monitored and audited. Since you’ll have a baseline of what’s ‘normal’ in your environment, you’ll be be alerted to potential threats to the system when any abnormalities occur.

With full visibility into your system, not only will you be able to see what’s going on in your environment, but your security team will also gain insights into their users, files, and system behavior. Continuous monitoring, and setting up alerts for abnormal behavior, helps you manage risk and keep your cloud environment safe. This is particularly important in heavily regulated industries as consistent monitoring is key to remaining compliant.

By participating in the shared responsibility model, your organization will be better equipped to understand what in the cloud is already secure, and will be able to avoid blame by maintaining and monitoring areas that aren’t secured by your cloud provider, and what your organization needs to maintained and monitor. By understanding what exactly you’re responsible for when it comes to protecting your data, your organization will be better equipped to avoid (or fix) any user-errors in the cloud that could open your environment up to malicious activity.

Use In-Platform Security Tools

To hold their side of the shared security model, cloud platform providers have enhanced built-in security capabilities. These may include web app firewalls, encryption both at rest and in transit, IAM tools, and more. A great example is AWS CloudTrail. It helps organizations pinpoint which accounts and users are accessing the platform by determining which IP address API calls are being made from, and when they occur. This platform-sourced data can be used to detect and respond to possible issues in security and can improve usage of the platform itself.

Google Cloud Platform also offers a wide range of built-in security tools that range from secured service APIs and authenticated access to setting user and credential management at the project level. After you’ve picked a cloud provider, make sure to familiarize yourself with the security offerings they built into their platform as they’re usually quite extensive.

Configure Your Cloud Environment

There are ways for companies to ensure they are doing their part when it comes to securing data and applications inside the cloud platform. As it stands right now, 73% of companies today have critical AWS misconfigurations that leave systems vulnerable to attacks non-public consoles or resources. Running a configuration audit will allow for a company to analyze where potential holes and gaps in the system exist, allowing for them to limit exploitability and vulnerabilities.

It’s up to you to make sure that you are meeting the best practices laid out by providers and the Center for Internet Security. It’s true that Amazon, Google, and Azure offer guidelines about how to best configure your cloud environment, but they can’t do it for you.

See What’s Happening in Your Workloads

In addition to the tactics listed above, you’ll want to have complete visibility into your cloud environment. You’ll want to be able to monitor, audit, and be alerted on any real or potential threats to your cloud environment in real-time, especially if you’re in a highly regulated industry that stores sensitive information and workloads in the cloud.

This shift to complete visibility may require an internal reset (especially if you’re migrating from a legacy environment), but by focusing on your cloud’s workload you’ll be able to see exactly who is doing what to your organization’s files. That way you’ll be able to keep your sensitive information safe, and stop any potential mishaps before they spiral out of control.

Be more than a statistic

Although cloud customers may be responsible for 95% of security failures in the cloud, there are ways to keep your organization — and more importantly, your data — secure. Understanding the cloud platform and its uses, implementing the shared responsibility model, and enacting best cloud security practices are some ways your organization can limit security issues within the cloud, and avoid becoming a statistic.

By Chris Gervais

Chris Gervais Contributor
VP of Engineering – Threat Stack
Chris Gervais, VP of Engineering. As Threat Stack’s head of Engineering, Chris is passionate about building, not only a rock solid, high-performance product, but also a team of elite engineers, industry best processes and a culture that attracts the best talent. Prior to Threat Stack, Chris held senior positions at lifeIMAGE, Enservio, Partners Healthcare, Inc., Inflexxion, Inc. and VIS Corporation, where he was responsible for engineering, technical operations, and technology strategy for cloud platforms.
CA Technologies

CLOUD PARTNERS | SPONSOR SERVICES

BI Data

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the business world as a whole ...
The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, competitors and even foreign governments ...
The Cloudification of Healthcare: Benefits and Risks

The Cloudification of Healthcare: Benefits and Risks

Cloud Healthcare: Benefits and Risks Many organizations are moving most of their business-critical applications and workloads to the cloud. The healthcare industry is no exception ...
How Can We Use Artificial Intelligence When We Can't Handle Real Intelligence?

How Can We Use Artificial Intelligence When We Can’t Handle Real Intelligence?

Artificial Versus Real Intelligence In this article we will be discussing the pitfalls of societal disillusionment with facts, and how this trend may become troubling ...
Firefox is testing a VPN, and you can try it right now - It’s part of the revitalized Firefox Test Pilot program

Firefox is testing a VPN, and you can try it right now – It’s part of the revitalized Firefox Test Pilot program

/
Last week, Mozilla said its Firefox browser would block third-party trackers for everyone by default and yesterday, Mozilla announced a new product that could give Firefox users even more privacy ...
Reuters news

Libra cryptocurrency must meet tough regulatory standards-U.S. Treasury

/
BERN (Reuters) - The Facebook-led Libra cryptocurrency project must meet the highest standards for combating money laundering and terrorism financing, a senior U.S. Treasury official said on Tuesday. Any cryptocurrency ...
International Data Privacy Laws

51 companies tell Congress it’s time to tackle data privacy

/
Amazon, AT&T and Qualcomm are among those involved The corporate world isn't waiting around for Congress to get started on tougher data privacy laws. A group of 51 CEOs from ...

TRENDING | TECH NEWS