Skip to content Skip to footer

Top tips for cloud security

Image: Adobe Stock / Michael Traitov

It’s no secret that the pandemic launched most industries into a period of rapid technological change, and now digital transformation is at the top of the business agenda for most.

However, this transition into a digital-first approach has inevitably come with an array of new threats to security. According to a survey by IDC, 98% of all companies experienced at least one cloud data breach in 2020 and the first half of 2021. In other words, when it comes to cloud security, the stakes are high.

As companies navigate the new norms of a hybrid work environment, with cloud-based breaches on the rise, planning their security posture every step of the way will become crucial. 

  1. What are the main threats to cloud security today?

The ultimate security threat to the cloud are malicious cyberattacks – where hackers try to hijack a computer network or system, usually for the purpose of stealing, destroying or exposing information. Many tactics can be used to prevent this, such as strengthening password security, for example. To work out the best security practices to implement, it’s all about identifying weaknesses in our systems and then figuring out how to plug the gaps.

Cloud-based resources will most often be located outside of the corporate network and run-on infrastructure that is not owned or controlled by the company. As a result, many conventional methods for attaining network visibility are not effective for cloud systems, and some organisations lack security solutions that are specifically geared toward cloud environments. This may make it more difficult for an organisation to monitor and defend against attacks on its cloud-based resources. In fact, a study by Enterprise Strategy Group (ESG) reported that 79% of businesses are experiencing widening visibility gaps in their cloud infrastructure.

Last but not least, malware – injections of software designed to harm or take down computers – is another one of the most frequent threats that computer users encounter. If a malicious file is downloaded to your local device, there’s a direct route from there to your business’ cloud, where it can access, infect, and encrypt company data.

  1. What are the most effective digital measures to protect an organisation’s data?

Data breaches can cost thousands in lost revenue and customer trust. One precaution to prevent this is to encrypt all sensitive data before sharing or storing it in the cloud. Encryption software automatically converts data into an unreadable format before being either transported or stored in the cloud, making it one of the most effective forms of security. With encrypted data, even if hackers manage to obtain access to the data, it remains incomprehensible. As a result, it becomes a far less desirable target for cyberattacks.

A perfect example of a time to use encryption is when using a hybrid cloud offering where data is often transported across different systems and environments – in this instance, data is particularly susceptible to hackers.

Secondly, businesses can strengthen the security of their cloud infrastructure by using an end-to-end identity and access management (IAM) system. One of the most obvious causes of a data breach is poor password hygiene, and so companies should look to options like multi-factor authentication. With the advanced verification involved in this solution, it is harder for hackers to access data, since physical access to devices, email accounts, and one-time codes is also required. 

As well as this, another consideration to make is who exactly needs access to the company’s database. High-level rights are not required for every employee, and administrators should be limited to a small number of users to minimise unnecessary security risks.

Another way to safeguard your systems from security threats, such as malware for example, is through patching. Fortunately, consistently keeping your programmes up-to-date with the most recent security updates is a simple task. Knowing who is accountable for this process (you or the public cloud provider) is the next challenge. You’ll need to ensure that both sides understand who is responsible for patching, so that any gaps in security can be filled right away and no openings are left for malicious actors to exploit.

  1. Are physical security measures still as crucial in this increasingly digital age? 

In short, absolutely. Whilst companies have been ramping up their cybersecurity measures, they certainly shouldn’t forget about the role that physical security plays. Data breaches do occur outside of cyberattacks and data centres that house and transmit large quantities of sensitive data for businesses across the country can be prime targets.

One of the ways that data centres can maximise physical security is by maintaining perimeter security. Malicious actors are expanding their already formidable toolkit by introducing new physical attack channels. This includes the actual transmission of ransomware, in which hackers break into data centres using stealth or trickery and inject malware that can remain unnoticed until activated.

In particular, organisations with on-premise facilities that might not otherwise implement the same level of security as, say, a Tier IV data centre would operate, need to remain vigilant and implement a variety of perimeter security measures to protect data centres. 

These measures can include a combination of advanced access control systems that need biometric authentication from personnel, with CCTV, anti-intrusion sensors, and bollards. Whilst this might sound like extreme measures, they’re becoming common steps that reputable data centre providers are taking towards better security.

4) How can companies ensure they’ve got a good security strategy in place, including mitigating the effects of an attack once it has occurred?

Clearly, there are a lot of factors to consider. Whilst cloud does come with numerous benefits such as agility and scalability, it can also expose vulnerabilities for businesses that lack the internal knowledge and skillset to understand cloud security challenges. Failure to effectively plan and prepare can manifest itself in misunderstanding the shared security duties of the cloud provider and user, and therefore leading to exploitation of unintentional security gaps.

What’s more, most traditional data centre security models are not suitable for the cloud, so IT teams will need to figure out new strategies and skills specifically tailored to cloud computing. Whilst there is no one-size-fits-all method, the first step is taking a holistic look at your cloud security. Once you’ve got a common-sense strategy in place and the right partners on-board, I guarantee it won’t seem so tricky.

Then it’s all about building redundancy into infrastructure. In short, redundancy is the process of storing cloud data across multiple servers in case of system malfunction or a power outage. Redundancy management is just as crucial for businesses using the cloud as having several backups. However, whilst the two sound similar, they are entirely different.  Redundancy is the process of guaranteeing dependability and uptime in the event of a system crash, meanwhile backups are copies of data that may be recovered in an emergency.

As an example, let’s say one of the cloud servers used by your company fails during the workday. This is when having a fully redundant cloud solution really shines, as it will allow you to keep working without disruption.

Massimo Bandinelli
Massimo Bandinelli
Aruba Cloud Marketing Manager

You may also like

Stay In The Know

Get the Data Centre Review Newsletter direct to your inbox.