Enterprises are no longer sitting on their hands, wondering if they should risk migrating applications and data to the cloud. They're doing it -- but security remains a serious concern.
The first step in minimizing risk in the cloud is to identify the top security threats.
As the RSA Conference last week, the CSA (Cloud Security Alliance) listed the “Treacherous 12,” the top 12 cloud computing threats organizations face in 2016. The CSA released the report to help both cloud customers and providers focus their defensive efforts.
The shared, on-demand nature of cloud computing introduces the possibility of new security breaches that can erase any gains made by the switch to cloud technology, the CSA warned. As noted in previous CSA reports, cloud services by nature enable users to bypass organization-wide security policies and set up their own accounts in the service of shadow IT projects. New controls must be put in place.
“The 2016 Top Threats release mirrors the shifting ramification of poor cloud computing decisions up through the managerial ranks,” said J.R. Santos, executive vice president of research for the CSA.
Threat No. 1: Data breaches
Cloud environments face many of the same threats as traditional corporate networks, but due to the vast amount of data stored on cloud servers, providers become an attractive target. The severity of potential damage tends to depend on the sensitivity of the data exposed. Exposed personal financial information tends to get the headlines, but breaches involving health information, trade secrets, and intellectual property can be more devastating.
When a data breach occurs, companies may incur fines, or they may face lawsuits or criminal charges. Breach investigations and customer notifications can rack up significant costs. Indirect effects, such as brand damage and loss of business, can impact organizations for years.
Cloud providers typically deploy security controls to protect their environments, but ultimately, organizations are responsible for protecting their own data in the cloud. The CSA has recommended organizations use multifactor authentication and encryption to protect against data breaches.
Threat No. 2: Compromised credentials and broken authentication
Data breaches and other attacks frequently result from lax authentication, weak passwords, and poor key or certificate management. Organizations often struggle with identity management as they try to allocate permissions appropriate to the user’s job role. More important, they sometimes forget to remove user access when a job function changes or a user leaves the organization.
Multifactor authentication systems such as one-time passwords, phone-based authentication, and smartcards protect cloud services because they make it harder for attackers to log in with stolen passwords. The Anthem breach, which exposed more than 80 million customer records, was the result of stolen user credentials. Anthem had failed to deploy multifactor authentication, so once the attackers obtained the credentials, it was game over.
Sign up for CIO Asia eNewsletters.