Security Challenges of Cloud Computing
Cloud security
Shifting data and sytems into cloud is popular among organizations nowadays because cloud helps to improve efficiency and operational capacities with low cost and less resource requirements. As the cloud platforms are used to host important business applications as well as store organizational data it is impotant to ensure that what we place in cloud are secure from any cyber attacks.
Cloud security is the area of computer or information security that focuses on implementing various controls,techniques,processes and policies to secure the cloud systems, data and infrasturcture.
Cloud security is not just a responsibility of the cloud service provider but is a shared responsibility between both providers and users/customers of cloud. Cloud providers manage many aspects of applications,infrastructure and physical security while users also have responsibilities on some security controls.
Shared responsibility in cloud security(source: kinsta.com) |
Importance of cloud security
Although cloud platforms have many benefits over on-prem systems they have the higher risk of encountering cyber attacks and therfore need to have proper security architecture to ensure cloud security.
Following are 03 main reasons why the cloud security is important.
- Prevent data breaches or data losses
- Ensure business continuity
- Choose a trusted cloud service provider
Cloud security threats
Cloud platforms often come across different security risks that would expose cloud systems to common attacks like Denial of service(DoS attacks), data breaches, account hijacking, malware attacks etc.
Following are 05 such security risks we come cross when we shift to cloud rather than having all our systems and data on-prem.
- Lack of cloud security stratergy and architecture
Not having proper plans and stragergies to secure data and systems when moving to cloud platforms as well as not having proper understanding about the shared responsibility in cloud results in exposing cloud data and sytems to different malicious attacks and downtimes.
- Misconfigeration of cloud services
With the increased range of services and complexity of them not properly configuring the cloud controls and services to ensure security of data or systems leads to cyber attacks.
- Weak identity and access management
Not implementing proper cloud system and data access controls as well as not properly managing the user identity will result in exposing data to unauthorized users. If the fact that which data/systems can be accessed by which users is not properly defined cloud platforms can be easy targets for malicious attacks.
- Contractual issues
When entering contractual partnerships with cloud services, not reading and understanding the terms and conditions on what is agreed by the cloud service provider may give opprtunities to unauthorized data access by unintended parties.
- Insecure interfaces
Extrenal APIs, web or mobile interfaces are needed to access systems and data in cloud platforms. There is a high risk in using these external APIs by organiazational employees or users if they are not properly implemented with required levels of secuirity.
Tips for improving cloud security
Following are few technology practices in cloud computing to ensure system and data security.
Proper identity and access management(IAM) :
- IAM for cloud can be implemented with advanced technologies like multi-factor authentication to ensure that right users are given access to right systems and data.
Encryption :
- Encryption of data can be done to ensure that unintended parties cannot decipher the sensitive data stored in cloud.
Microsegmentation :
- This is a technic of dividing the cloud deployment into secure segments enabling isolation of workloads and allowing more flexible security policy application on individual workloads.
Strong cloud security stratergy :
- Using a strong security architecture and backbone implemented with proper tools like firewalls, monitoring tools, Intrution Detection Systems (IDS), Intrusion Prevention Systems(IPS) as well as performing vunlerability assessments can reduce the risks of cloud security.
Assuring security in cloud is complicated and both the cloud service providers and users have their responsibilities to acheive it. Organization often tend to use cloud platforms for their business operations and security is a critical factor when choosing to move to cloud platfroms. It is important to have an understanding of the shared responsibilty as well as the risks associated with cloud platforms and have the knowledge to improve cloud security with the available technologies.
References:
[1] https://www.synopsys.com/blogs/software-security/shared-responsibility-model-cloud-security/
[2] https://kinsta.com/blog/cloud-security/
[3] https://cloudsecurityalliance.org/blog/2020/02/18/cloud-security-challenges-in-2020/
Good writing Dilesha!
ReplyDeleteAlso can you elaborate more on IAM, maybe refer me with a suitable article?
Thank you Asenika!!
ReplyDeleteAs you have asked about IAM I would do some explaination on it. Identity and access management (IAM) is the process of enabling the right users to access the right resources at the right times for the right reasons. Cloud Identity and Access Management lets the administrators to authorize who can access resources in the cloud, giving them visibility on data as well as control over different actions to manage cloud resources. Organization use IAM systems that are deployed on premises or provided by a third-party vendor through a cloud platform. IAM often uses technics like single sign-on, two factoe authentication and multi-factor authentication to manage the access previledges of different users.
You can refer the following article for more information on IAM.
https://searchsecurity.techtarget.com/definition/identity-access-management-IAM-system
Good read Dilesha! Cloud computing is a growing technology these days. In the article we can align the best cloud service with the properties you dispersed under security.
ReplyDeleteThank you!!
DeleteIt's great that you have highlighted that customers have to play a major role other than the vendor in cloud security. Some customers think entire security is on the cloud vendors hands. Informative post.
ReplyDeleteThank you kawee!!
DeleteOf course customer's role in cloud security responsibility needs to be understood well when using cloud technologies.
You explained it well dilesha...
ReplyDeleteThank you Hirushka!!
Delete