data

THE TOP 5 CLOUD SECURITY THREATS YOU NEED TO WORRY ABOUT

Cloud Security Threats

Cloud computing is clearly here to stay, and has become an integral part of any business computing strategy. For many businesses, the power, flexibility, and convenience of cloud applications outweigh the security risks — but that doesn’t mean that the concerns about security have gone away.

In fact, cloud security still faces a number of significant threats that all businesses of any size need to be concerned about. Any one of these risks can lead to devastating consequences, so it’s important not to fall into a false sense of security because nothing has gone wrong yet. Being aware of these threats, and employing robust cloud security solutions for protection, is important for keeping your business operational while protecting sensitive data.

1. Data Breaches

We see the headlines all the time: The personal information of millions of consumers exposed by a data breach. However, those large-scale breaches are actually only the tip of the iceberg when it comes to stolen data. While stolen personal information is certainly worthy of concern, other types of data exposed in a breach, including trade secrets and intellectual property, can be just as, if not more, devastating, to a business. In any case, a data breach is costly, both in terms of fines and sanctions for the exposure of protected data, as in costs related to brand damage, lost revenue, investigations, and recovery.

So why is this so relevant to the cloud? Well, because the cloud has become an increasingly attractive target for hackers due to the sheer amount of data that it contains — and the somewhat more lax security guidelines that many companies follow when protecting that data. Many companies believe that their security providers are responsible for providing security — and most do — but at the end of the day, any company using the cloud is responsible for their own data protection, no matter what that may look like. Otherwise, they run the risk of falling victim to a breach.

2. Data Loss

Data Breach Comic

Data loss differs from a data breach in that a breach is the result of a malicious action that exposes data to individuals who aren’t authorized to see or use it, while data loss means that data is literally lost — deleted, erased, etc.—without having a backup. Sometimes data loss occurs due a technical error, a lost encryption key, or even in some cases, a deliberate act. Regardless of the cause, data loss can prove costly, and it’s of paramount importance for companies to protect their cloud data against irretrievably lost data.

3. Malicious Insiders

Recently, the Department of Homeland Security revealed that the greatest risk to data security isn’t outside hackers, but actually insiders — employees, contractors, etc. — who deliberately put their employer’s data and networks at risk. Individuals with access to your network and the right administrator privileges can easily manipulate data, harm infrastructures, or otherwise delete or render data unusable.

It’s important to note that all employee mistakes are not deliberate attacks — sometimes, a simple error can cause harm — but that only underscores that point that your company needs to take care prevent any one person from having the ability to take down your network. Logging and monitoring administrator privileges and access, maintaining appropriate separation of duties, encryption controls, as well as training employees to avoid costly mistakes, is an important part of cloud security.

4. Account Hijacking

Cloud services must be protected against phishing, fraud, and software exploits like any other network. Because data is being transferred to the cloud can be eavesdropped on, allowing hackers to manipulate data and transactions, it’s important to keep cloud services safe from hijacking. Do not allow users to share credentials, require two-factor authentication when available, and utilize monitoring tools to ensure that all transactions can be monitored and authenticated.

5. Advanced Persistent Threats

Advanced Persistent Threats (APTs) are among the most dangerous threats because they move through networks stealthily and mimic other traffic, making them difficult to detect. They also generally come in via undetectable methods, such as spear phishing attacks or peripherals pre-loaded with malware. However, these attacks are highly dangerous, and your company needs to invest in advanced security and training to keep them from infiltrating your network.

As the cloud matures and more businesses take advantage, so will the need to focus more on strategic decisions regarding security. The first step is understanding the major threats facing the cloud — and focusing your efforts on protecting against them.

By Glenn Blake

CloudBuzz

The latest in curated technology related news collected from many of the leading news distribution, industry research and technology vendor firms on the planet.

Here you will find recent news sources from companies such as Reuters, Marketwired, IDC, Gartner or directly from cloud vendors such as Google, Microsoft or Amazon.

CONTRIBUTORS

Cloud Services Are Vulnerable Without End-To-End Encryption

Cloud Services Are Vulnerable Without End-To-End Encryption

End-To-End Encryption The growth of cloud services has been one of the most disruptive phenomena of the Internet era.  However, ...
Principles of an Effective Cybersecurity Strategy

Principles of an Effective Cybersecurity Strategy

Effective Cybersecurity Strategy A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as ...
Countdown to GDPR: Preparing for Global Data Privacy Reform

Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform Multinational businesses who aren’t up to speed on the regulatory requirements of the European ...
Financial Management Finds a Welcome Home in the Cloud

Financial Management Finds a Welcome Home in the Cloud

Cloud Based Financial Management The most cautious person in any organization is likely to be the CFO. After all, they’re ...
What’s Next In Cloud And Data Security For 2017?

What’s Next In Cloud And Data Security For 2017?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had ...
Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in ...
Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and ...
Chris Gerva

Why Containers Can’t Solve All Your Problems In The Cloud

Containers and the cloud Docker and other container services are appealing for a good reason - they are lightweight and ...
What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The ...
Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Multi-Instance vs. Multi-Tenant Architecture  The cloud is part of everything we do. It’s always there backing up our data, pictures, ...

NEWS

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system (Reuters) - Hackers likely working for a nation-state recently penetrated the safety system of ...
email as a service

Google Data Analysis, Artificial Intelligence and Predicting Vaccine Scares

Social media trends can predict tipping points in vaccine scares Analyzing trends on Twitter and Google can help predict vaccine ...
Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

NEW YORK, Dec. 12, 2017 /PRNewswire/ -- Deloitte forecasts double digital growth in machine learning deployments for the enterprise, an increasing worldwide ...