Security Challenges of Cloud Computing

Cloud security

    Shifting data and sytems into cloud is popular among organizations nowadays because cloud helps to improve efficiency and operational capacities with low cost and less resource requirements. As the cloud platforms are used to host important business applications as well as store organizational data it is impotant to ensure that what we place in cloud are secure from any cyber attacks.
 
Cloud security is the area of computer or information security that focuses on implementing various controls,techniques,processes and policies to secure the cloud  systems, data and infrasturcture. 

Cloud security is not just a responsibility of the cloud service provider but is a shared responsibility between both  providers and users/customers of cloud. Cloud providers manage many  aspects of applications,infrastructure and physical security while users also have responsibilities on some security controls.

Shared responsibility in cloud security(source: kinsta.com)

Importance of cloud security

Although cloud platforms have many benefits over on-prem systems they have the higher risk of encountering cyber attacks and therfore  need to have proper security architecture to ensure cloud security.
Following are 03 main reasons why the cloud security is important.
  • Prevent data breaches or data losses
  • Ensure business continuity
  • Choose a trusted cloud service provider

Cloud security threats

Cloud platforms often come across different security risks that would expose cloud systems to common attacks like Denial of service(DoS attacks), data breaches, account hijacking, malware attacks etc.
Following are 05 such security risks we come cross when we shift to cloud rather than having all our systems and data on-prem.
  • Lack of cloud security stratergy and architecture
Not having proper plans and stragergies to secure data and systems when moving to cloud platforms as well as not having proper understanding about the shared responsibility in cloud results in exposing cloud data and sytems to different malicious attacks and downtimes.
  • Misconfigeration of cloud services
With the increased range of services and complexity of them not properly configuring the cloud controls and services to ensure security of data or systems leads to cyber attacks.
  • Weak identity and access management
Not implementing proper cloud system and data access controls as well as not properly managing the user identity will result in exposing data to unauthorized users. If the fact that which data/systems can be accessed by which users is not properly defined cloud platforms can be easy targets for malicious attacks.
  • Contractual issues
When entering contractual partnerships with cloud services, not reading and understanding the terms and conditions on what is agreed by the cloud service provider may give opprtunities to unauthorized data access by unintended parties.
  • Insecure interfaces 
Extrenal APIs, web or mobile interfaces are needed to access systems and data in cloud platforms. There is a high risk in using these external APIs by organiazational employees or users if they are not properly implemented with required levels of secuirity.

Tips for improving cloud security

Following are few technology practices in cloud computing to ensure system and data security.

Proper identity and access management(IAM) :
  • IAM for cloud can be implemented with advanced technologies like multi-factor authentication to ensure that right users are given access to right systems and data.
Encryption :
  • Encryption of data can be done to ensure that unintended parties cannot decipher the sensitive data stored in cloud.
Microsegmentation :
  • This is a technic of dividing the cloud deployment into secure segments enabling isolation of workloads and allowing more flexible security policy application on individual workloads.
Strong cloud security stratergy :
  • Using a strong security architecture and backbone implemented with proper tools like firewalls, monitoring tools, Intrution Detection Systems (IDS), Intrusion Prevention Systems(IPS) as well as performing vunlerability assessments can reduce the risks of cloud security. 

Assuring security in cloud is complicated and both the cloud service providers and users have their responsibilities to acheive it. Organization often tend to use cloud platforms for their business operations and security is a critical factor when choosing to move to cloud platfroms. It is important to have an understanding of the shared responsibilty as well as the risks associated with cloud platforms and have the knowledge to improve cloud security with the available technologies.


References:

[1] https://www.synopsys.com/blogs/software-security/shared-responsibility-model-cloud-security/

[2] https://kinsta.com/blog/cloud-security/

[3] https://cloudsecurityalliance.org/blog/2020/02/18/cloud-security-challenges-in-2020/

Comments

  1. Asenika LiyanageDecember 6, 2020 at 9:12 PM

    Good writing Dilesha!
    Also can you elaborate more on IAM, maybe refer me with a suitable article?

    ReplyDelete
  2. Dilesha PereraDecember 8, 2020 at 2:05 PM

    Thank you Asenika!!
    As you have asked about IAM I would do some explaination on it. Identity and access management (IAM) is the process of enabling the right users to access the right resources at the right times for the right reasons. Cloud Identity and Access Management lets the administrators to authorize who can access resources in the cloud, giving them visibility on data as well as control over different actions to manage cloud resources. Organization use IAM systems that are deployed on premises or provided by a third-party vendor through a cloud platform. IAM often uses technics like single sign-on, two factoe authentication and multi-factor authentication to manage the access previledges of different users.
    You can refer the following article for more information on IAM.
    https://searchsecurity.techtarget.com/definition/identity-access-management-IAM-system

    ReplyDelete
  3. Rajitha GamageDecember 10, 2020 at 9:42 PM

    Good read Dilesha! Cloud computing is a growing technology these days. In the article we can align the best cloud service with the properties you dispersed under security.

    ReplyDelete
  4. KaweeDecember 10, 2020 at 11:30 PM

    It's great that you have highlighted that customers have to play a major role other than the vendor in cloud security. Some customers think entire security is on the cloud vendors hands. Informative post.

    ReplyDelete
    Replies
    1. Dilesha PereraDecember 11, 2020 at 10:29 AM

      Thank you kawee!!
      Of course customer's role in cloud security responsibility needs to be understood well when using cloud technologies.

      Delete
  5. hirushkaDecember 11, 2020 at 3:52 AM

    You explained it well dilesha...

    ReplyDelete

Post a Comment

Popular posts from this blog

Best Practices for Network Monitoring

Image
What is network monitoring? Network monitoring is a proactive activity carried out by network administrators to ensure that the networks are working optimally by monitoring faults, performance and efficiency of networks. Network monitoring systems include hardware and software tools that are used to monitor aspects of networks like the bandwidth, traffic, uptime as well to check the performance of network devices like firewalls, switches and routers.  Network monitoring is important because it can proactively identify faults in networks and prevent network failures and downtimes. Benefits of network monitoring There are several key benefits of practicing network monitoring and following the best practices. Some of the main advantages of network monitoring are: Network administrators can have a clear picture of the networks and their performance Analysis of network components over time helps to identify the needs for upgrades and implementation of new infrasturcture  Organizations can u
Read more