Naysayers often dismiss a hybrid/IT cloud as disruptive, but it's not the hybrid cloud that is troublesome.
The problem is poor network execution, security protocols, and management. It is simply because managers are not prepared or following the proper rules of engagement. This is especially true when dealing with mobile device management (MDM) and enterprise mobility management (EMM).
Managers must know and overcome the stumbling blocks. They include:
- Inadequate compliance
- Lack of encryption
- Insufficient risk assessment
- Poor data redundancy
- Data leakage and other threats.
Here are ten of the biggest cloud security threats facing businesses and advice on how to fix them.
- Lack of Encryption
Network transmissions are vulnerable to eavesdropping and Man-in-the-Middle (MitM) attacks that circumvent mutual authentication by impersonating endpoints. Mobility enterprise managers must encrypt communications and data to prevent security incursions.
Always shield transmissions from random attacks with cryptographic protocols that include endpoint authentication. Encode with SSL/TLS to manage server authentication and prevent interception of data off the wire. Use a reliable VPN and proxy server.
- Inadequate Security Risk Assessment
Failing to perform detailed risk profiles of an IT infrastructure and system prevents network administrators from determining how and where an intrusion has occurred or when it happened. It makes future breaches virtually impossible to prevent and properly mitigate.
Make sure rigorous risk prevention and assessment are always in place. IDS/IPS systems should continuously scan for malicious traffic. Log monitoring must be activated and software updates current. Use a holistic approach to network organisation security with a reliable SIEM system.
- Poor Compliance
Practice due diligence in a hybrid cloud to achieve compliance. Both the public cloud provider and your private cloud must stay within compliance parameters by being coordinated. They must also demonstrate compliance as they work together. Both clouds must meet all industry standards for data security when handling sensitive data and network traffic. These include industry-specific and government regulations/standards.
- Weak Security Management
Too many enterprise managers run amuck when they fail to employ authentication, identity management, and authorisation procedures for both their private and public cloud. Cloud security protocols must be integrated.
The solution is to synchronise security data or use an identity management service that coordinates all systems run in either cloud. Replicate controls for both clouds. Maintain an in-house storage backup for sensitive data not appropriate for the public cloud. Maintain end-to-end visibility in real-time. Know network topology inside and out to identify and correct security weaknesses.
- Poor Data Redundancy
A lack of redundancy puts a hybrid IT cloud and company enterprise at risk. This is especially true if you don’t have redundant copies of data properly distributed across all data centers.
Distributing data this way mitigates the damage that occurs when there is an outage in one data centre. Always implement redundancy by using multiple data centres from one cloud provider; from many public cloud providers; or from a hybrid cloud.
- Failure to Authenticate and Identify
Security management is essential when integrating public and private clouds in a hybrid environment.
Cyber security must be mutually shared between the cloud provider and enterprise staff. Make sure to synchronise data security by using an IP Multimedia Core Network Subsystem (IMS). Never trust – always verify. Monitor and verify all access permissions. Use a minimum two-factor authentication with stringent authentication requirements. Exercise granular and role-based access controls. Be sure security information and updates coordinate on both clouds.
- Unprotected APIs
When left unprotected, API endpoints expose sensitive data to malicious attacks that exploit an authentication/authorisation token or key to manipulate personal information and data. This vulnerability is of particular concern in enterprise mobility management and BYOD transmissions over unsecure connections.
Remember that API keys must be handled in the same manner as encryption and code-signing keys. Never release API keys to a third-party without verifying them to avoid a security breach. Third-party developers must be sure to handle keys securely. Confirm that they do.
- Denial-of-Service (DoS) Attacks
Attackers render a cloud or mobile enterprise inaccessible by issuing a Denial-of-Service (DoS) attack. Network service is disrupted in the virtual environment through an inherent weakness in shared resources such as CPU, RAM, disk space, or network bandwidth. DoS attacks on cloud management APIs are often attributed to bad SOAP or REST requests from the enterprise.
Stringent flow analytics fend off these attacks by reacting to the incursion and redirecting traffic to a mitigation device. Flow analytics must be scalable for the amount of traffic it gathers and analyses. This is not an effective method of combating volumetric (DDoS) attacks.
9. Distributed Denial-of-Service (DDoS) Attacks
These volumetric or application layer attacks are on the rise and even more insidious than DoS. This is because they are high volume incursions maliciously distributed from multiple sources and generated at a central location. By the time the attacks are noticed, network traffic is often in virtual gridlock and websites rendered helpless.
Fending off a DDoS attack requires robust in-path deployment of a DDoS mitigation device that continuously processes all incoming and outgoing traffic. The device must be able to act immediately and scale and perform when there are multi-vector incursions.
- Poor IP Protection
Intellectual property (IP) requires extra protection. It must have the highest encryption and security protocols.
IP must be identified and classified to determine potential security risks. A vulnerability assessment and appropriate encryption are needed. Classifying IP and quantifying risk must be done manually. Automated systems are grossly inadequate in this task. IP risks can only be identified once they are classified.
Confirm the source of your threats and develop a detailed threat model that you always follow. Create a permission matrix and harden all open source components to prevent breaches. Perform extensive third-party audits and verify network infrastructure security.
Atiq Rehman is a web developer, internet marketing expert and the founder of ikozmik.com
Image Credit: phloxii / Shutterstock