Cyber security, malicious activity, spam, DDoS attacks, and threats are terms businesses continuously think about and lose sleep over. Every day, hackers and offshore teams are working just as hard, if not harder, to penetrate a company’s sites and applications as internal teams work to mitigate such attacks. It is a never-ending battle, one that continues to get more strategic every day.
Recently, the Cloud Security Alliance (CSA) released a report of the top 12 cloud computing threats faced by modern organizations today, titled the “Treacherous 12.”¹
This blog is the first in a series that will address these threats and how you can protect your business against them.
Threat #1: Data Breaches
There have been numerous news articles detailing major data breaches over the last few years. The threat of data breaches has pushed countless companies into making enormous investments in data security.
Consequences of a single data breach can vary in severity depending on a number of factors, such as the type of information leaked and the length of time the breach went undetected. In cases such as the Target Brands, Inc. and JPMorgan Chase data breaches, costs have reached into the hundreds of millions of dollars.
Guarding Against Data Breaches on the Cloud
Data breaches are like heart attacks; although they can be catastrophic, there are many ways to protect against such an outcome in advance. Just like the doctor tells us to eat healthy and exercise, data breaches can be avoided with the right security measures in place.
The right approach to preventing data breaches is a fault-tolerant one built on multi-layered security, so that the failure of any single control does not expose the data.
Data breach prevention should include:
- Perimeter and Internal Firewalls
- Data-at-Rest Encryption
- Multi-factor Authentication for Data Access
Threat #2: Insufficient Identity, Credential, and Access Management
We have all gotten those emails from Visa, LinkedIn, or the like, stating you need to reset your password. This is usually due to a security breach or stolen user information, such as credentials. Your usernames and passwords are sacred, and can be used against you in the wrong hands. This is why multi-factor authentication is vital to any business. Two-factor authentication takes information the user knows, such as a password, and matches it with a single-use encrypted key. Multi-factor authentication also includes identity verification, such as biometric verification.
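The two-factor check described above, as an added example that is not part of the original post: a password verified against a salted PBKDF2 hash, plus a time-based one-time code (TOTP, RFC 6238) standing in for the single-use key. The `TwoFactorLogin` class, the sample password and the salt are assumptions constructed for illustration; the TOTP secret is the RFC 6238 test secret.

```python
import hashlib
import hmac
import struct

# Constructed sample values for this example (not from any real system).
SALT = b"example-salt-16b"
PW_HASH = hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)
TOTP_SECRET = b"12345678901234567890"  # RFC 6238 test secret


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): a code that is valid for one time step."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class TwoFactorLogin:
    """Requires both factors and refuses to accept the same code twice."""

    def __init__(self, pw_hash: bytes, salt: bytes, secret: bytes):
        self.pw_hash, self.salt, self.secret = pw_hash, salt, secret
        self.last_step = -1  # highest time step already consumed

    def verify(self, password: str, code: str, now: int, step: int = 30) -> bool:
        # Factor 1: something the user knows (slow salted hash, constant-time compare).
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)
        pw_ok = hmac.compare_digest(candidate, self.pw_hash)
        # Factor 2: one-time code; the previous step is accepted for clock drift.
        matched = None
        for t in (now, now - step):
            if t // step <= self.last_step:
                continue  # step already used (or before time zero)
            if hmac.compare_digest(totp(self.secret, t, step).encode(), code.encode()):
                matched = t // step
                break
        if pw_ok and matched is not None:
            self.last_step = matched  # burn the code so a replay fails
            return True
        return False
```

Both checks always run before the result is returned, so a caller cannot learn which factor failed from the response.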
When the systems for managing access to an application are lacking, it’s easier for hackers to fake their way past protection protocols by imitating the identities of authorized users with stolen account credentials. Having multiple layers of security for end users is just as important as infrastructure security: all security measures work together to prevent unauthorized access to sensitive data.
End-user education about phishing emails, credential protection, and security best practices should also be part of the onboarding process. Depending on your compliance requirements, this can also be a great refresher to have during one’s employment.
Using Identity and Access Management to Increase Security
Identity and Access Management is role-based access to applications and files: users are securely isolated so that they can access only the information pertaining to them and their role within the organization.
SharePoint has always done an excellent job at segmenting the user experience to the confines of pertinent information delegated by the administrator.
Threat #3: Insecure APIs
The fundamental reason for APIs is to expose a company’s services for public adoption and/or consumption. If done securely, this presents a tremendous opportunity for success by offering a frictionless experience for users. Companies like Spotify have used APIs for substantial growth; they did so by using the Facebook API.
Reducing Vulnerability for APIs
The CSA and WHOA.com specifically recommend security-focused code reviews and rigorous penetration testing for any cloud API/UI that is used. Such testing helps identify vulnerabilities so that they can be patched before they become a problem.
To limit the severity of this risk, it’s important to treat APIs and UIs as the first line of defense for any cloud solution. Threat modeling of applications and systems, including data flows and architecture/design, becomes an important part of the development lifecycle under this philosophy.
There are many ways to secure your API beyond SSL/TLS. Most companies use basic authentication and call it a day, but multi-layering and establishing a tiered approach is ideal. WHOA.com recommends incorporating technologies such as an identity provider (IdP), OAuth Toolkit, or JSON Identity Suite.
As noted by the CSA in their report, “APIs and UIs are generally the most exposed part of a system, perhaps the only asset with an IP address available outside the trusted organizational boundary.” Malicious input or injection attacks could bring down an application workload.
In short, insecure APIs and UIs make a tempting target because they’re more exposed than other parts of your cloud solution. WHOA.com implements Multi-Layered Security to ensure your entire cloud is secure.
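A sketch of the tiered approach for one API call, as an added example that is not WHOA.com's or the CSA's code: the request must pass authentication, a role check, and strict input validation, and each layer denies by default. The HMAC-signed token is a simplified stand-in for an access token issued by an identity provider; the key, role names, actions and `report_id` format are hypothetical.

```python
import base64
import hashlib
import hmac
import json
import re

KEY = b"constructed-demo-key"  # hypothetical signing key, constructed for this example
ROLE_ACTIONS = {"analyst": {"read_report"}, "admin": {"read_report", "delete_report"}}
REPORT_ID = re.compile(r"[A-Za-z0-9_-]{1,32}")  # allow-list of accepted characters


def issue_token(user: str, role: str, expires: int) -> str:
    """Stand-in for the identity provider: sign the caller's claims."""
    claims = json.dumps({"sub": user, "role": role, "exp": expires}).encode()
    body = base64.urlsafe_b64encode(claims)
    sig = hmac.new(KEY, body, hashlib.sha256).hexdigest()
    return f"{body.decode()}.{sig}"


def authenticate(token: str, now: int):
    """Layer 1: verify the signature before parsing anything inside the token."""
    body, _, sig = token.partition(".")
    expected = hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims if claims["exp"] > now else None


def handle(token: str, action: str, report_id: str, now: int):
    """All three layers must pass; any failure stops the request."""
    claims = authenticate(token, now)
    if claims is None:
        return 401, "invalid or expired token"
    # Layer 2: role-based access, unknown roles get an empty permission set.
    if action not in ROLE_ACTIONS.get(claims["role"], set()):
        return 403, "role not permitted"
    # Layer 3: reject malformed input before it reaches any backend query.
    if not REPORT_ID.fullmatch(report_id):
        return 400, "malformed report_id"
    return 200, f"{action} {report_id} for {claims['sub']}"
```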
This series will continue with threats 4-6, which include: System Vulnerabilities, Account Hijacking, and Malicious Insiders.
1: "The Treacherous 12: Cloud Computing Top Threats in 2016" https://downloads.cloudsecurityalliance.org/assets/research/top-threats/Treacherous-12_Cloud-Computing_Top-Threats.pdf