^

Business As Usual

Five security must-do’s for first time cloud users

Jeff Castillo - The Philippine Star
April 17, 2016 | 10:00am

MANILA, Philippines – What do Apple, Amazon and Microsoft have in common?

The answer: All three technology giants, considered the gold standard among cloud computing providers, have suffered the ignominy of being breached by hackers.

Apple’s “celebgate” incident exposed personal photos of its celebrity iCloud users and made unwelcome news headlines last year. UK technology provider Code Spaces was forced out of business last year after hackers tried to blackmail it and subsequently deleted crucial data from its Amazon Web Services-hosted cloud storage. In 2013, an expired SSL certificate in Microsoft's Azure cloud service gave hackers the chance to bring down the Xbox Live and a raft of other cloud-hosted services.

Cloud security risks are rising, with attacks growing at 45 percent year-on-year globally, according to cloud security firm Alert Logic. In the next five years, $2 billion will be spent by enterprises to shore up their cloud defences, according to Forrester Research.

First time cloud users can be most at risk, simply because of unfamiliarity with the new environment and the added burden of having to grapple with a new way of managing users, data and security.

Here are five security must-do’s before taking the plunge.

1. Know the cloudy areas

There are three main segments in any cloud deployment — the cloud vendor, network service provider and enterprise. Given that the cloud should be treated like an extension of the enterprise data centre, the question to ask is therefore: can a common set of security services and policies be applied across the three segments? What are the security gaps?

During vendor selection, ask the cloud vendor what security services it provides and which security vendors it works with. The cloud is a dynamic environment and requires regular updates to the security architecture to stay up with the latest threats. How does the cloud vendor guard against new security exploits and zero-day vulnerabilities?

2. New apps, new fortifications

Ready to move an application into the cloud? Before you do, consider adding new fortifications to the existing security measures you have built around your application’s authentication and log-in processes.

To fortify the access to your cloud application, you should have a granular data access scheme. You can do so by tying access privileges to roles, company positions and projects.  This will add an additional layer of protection when attackers steal your staff’s login credentials.

Account hijacking may sound basic but this age old breach has been flagged by Cloud Security Alliance as a continuing top threat for cloud users. To fortify your login process, consider implementing two-factor authentication, posture checking and the use of one-time passwords. A good tip is requiring user IDs to be changed at initial logins.

3. Embrace encryption

Data encryption is one of your biggest security ally in the cloud, and it should be non-negotiable when it comes to file transfers and emails. While it may not prevent hacking attempts or data theft, it can protect your business and save an organization from incurring hefty regulatory fines when the dreaded event happens.

4. Wrestling with the virtual

Moving into the cloud lets businesses reap the benefits of virtualization, but a virtualized environment can present challenges to data protection. The main issue has to do with managing the security and traffic in the realm of multi-tenancy and virtual machines.

Physical security appliances are typically not designed to handle the data that is in the cloud. This is where virtual security appliances come in — to secure traffic as it flows from virtual machine to virtual machine. Such appliances are built to handle the complexities of running multiple instances of applications, or multi-tenancy.

They therefore let businesses exert fine security control over their data in the cloud. Ask your cloud provider how it safeguards its virtual environment and find out what virtual security appliances it is using. If you are building your own private or hybrid cloud, consider getting virtual security products that focus on granular control.

5. Don’t be in the dark about shadow IT

There is no shortage of anecdotes and reports out there that point to how the unauthorised use of applications and cloud services, or shadow IT, is on the rise among businesses. The uncontrolled nature of this poses a security threat and governance challenge.

Your new cloud application will be at risk because of this. Consider the simple scenario in which your employees use their smartphones to open a file on their device. It is likely that the phone will make a copy of the file, which could then be sent to an unapproved online storage destination when the phone does its routine automatic backup. Your secure corporate data has just been moved to an insecure location.

Preventing access to shadow IT is unlikely to stop its growth in any given organization. It is more effective to educate your users and use technology to manage the issue. Encryption, network monitoring and security management tools can help defend your first cloud app against the risks of the shadow IT.

vuukle comment
Philstar
x
  • Latest
Latest
Latest
abtest
GCash sets sights on further international expansion
brandSpace
March 22, 2024 - 5:22pm

GCash sets sights on further international expansion

March 22, 2024 - 5:22pm
With GCash Overseas, Filipinos in the United States, Canada, the United Kingdom, Spain, Italy, Germany, Qatar, Kuwait, Japan,...
Business As Usual
fbtw
Global Dominion pushes for inclusive training programs for businessmen
brandSpace
March 13, 2024 - 2:45pm

Global Dominion pushes for inclusive training programs for businessmen

March 13, 2024 - 2:45pm
This innovative initiative goes beyond training the company’s loan agents; it extends its reach to partner dealers and...
Business As Usual
fbtw
FinVolution’s credit scoring company JuanScore now accredited as Special Accessing Entity by CIC
March 6, 2024 - 3:00pm

FinVolution’s credit scoring company JuanScore now accredited as Special Accessing Entity by CIC

March 6, 2024 - 3:00pm
SAEs are private corporations engaged in the business of providing credit reports, ratings, and other similar credit information...
Business As Usual
fbtw
Maya lauded globally as Philippines’ 'Best Digital Bank'
January 18, 2024 - 6:20pm

Maya lauded globally as Philippines’ 'Best Digital Bank'

January 18, 2024 - 6:20pm
2023 marked a milestone for Maya, reaching an impressive three million depositors. Dominating the industry, Maya commands...
Business As Usual
fbtw
How LMA Law founder sees mentoring, guiding people as legacy
January 17, 2024 - 12:00am

How LMA Law founder sees mentoring, guiding people as legacy

January 17, 2024 - 12:00am
Lawyer Ma. Louella “Peaches” Aranas believes that mentoring her law students, the next generation lawyers to being...
Business As Usual
fbtw
Meadows Brand Brings Quality Products to Philippine Supermarkets
December 30, 2023 - 12:00am

Meadows Brand Brings Quality Products to Philippine Supermarkets

December 30, 2023 - 12:00am
Meadows has won awards from well-known institutes like Monde Selection, International Taste Institute, International Wine...
Business As Usual
fbtw
Recommended
Are you sure you want to log out?
X
Login

Philstar.com is one of the most vibrant, opinionated, discerning communities of readers on cyberspace. With your meaningful insights, help shape the stories that can shape the country. Sign up now!

Get Updated:

Signup for the News Round now

FORGOT PASSWORD?
SIGN IN
or sign in with