Overview of Cloud Security
Cloud security refers to a broad set of policies, technologies, applications, and controls utilized to protect virtualized components like IP, data, applications, services, and the physical components like the infrastructure, storage, and servers of cloud computing. It is a sub-domain of computer security, network security, and information security. In this article, we will see the following chapters…
- Shared Responsibility Model
- Cloud Security Control
- Challenges in cloud security
- Best practices to secure data in the cloud
- Technologies used to protect the cloud
✅The Shared Responsibility Model is a working framework followed by Cloud Service Providers that details the responsibility over an entire cloud environment. Responsibility is shared between the cloud service provider and the customer. cloud service providers are responsible for the security of the cloud infrastructure and customers are responsible for managing their data.
✅Cloud Security Control describes the set of security controls to secure the cloud environment against vulnerabilities, breaches, natural disasters, and attacks. They are divided into 4 controls. They are
Deterrent Controls informs any attackers that stealing data or engaging in suspicious activity will result in negative consequences. They act as a sort of warning system designed to keep malicious actors away from your cloud system.
Preventive Controls are to protect the system against incidents, by reducing if not eliminating vulnerabilities, as well as preventing unauthorized intruders from accessing or entering the system. This could be achieved by either adding software or feature implementations (such as firewall protection, endpoint protection, and multi-factor authentication) or removing unneeded functionalities.
Detective Controls are used to identify security incidents after they occur. It happens by detecting and responding to incidents on time. So organizations can minimize damage, prevent further compromise, and improve overall security.
Corrective Controls are used to correct the action after the incident happens. By having corrective controls in place, it is possible to reduce a malicious attack’s effect.
✅Challenges in cloud security
The following challenges in cloud security
Data is the information. It is necessary to protect the data in both transit (movement) and rest (stored). If we do not utilize the data properly it may lead to data loss (unwanted removal of data accidentally), data leak (stealing the information), and data breach (data gets exposed due to cyber attack).
Denial service of Attack comes from one source only while the Denial of service of Attack comes from many sources. Both keep users and team members away from accessing the system. It may lead to flooding and crashing the service (or) system.
Lack of Visibility means not all have clear visibility of what is happening in the cloud.
Malware attacks are malicious software designed to cause harm or damage to a computer (server, client, or infrastructure) without end-user knowledge.
Cloud misconfiguration occurs when system (or) application configuration settings are missing (or) are wrongly implemented, allowing unauthorized access. It may lead to Hijacking accounts and stealing the password.
Insecure APIs are a leading cause of incidents and data breaches and must be checked for vulnerabilities due to misconfiguration, poor coding practices, a lack of authentication, and inappropriate authorization.
✅Best practices to secure the data in the cloud
Due to vulnerability (weakness or gaps) in the cloud, attackers may steal information in the cloud computing environment. It may lead to data loss, disrupt the services, DDoS attacks, etc.
Identity and Access Management is a way to tell who a user is and what they are allowed to do. After creating the multiple roles, and users, You can search and validate those and remove the unwanted things. The least privileged role refers to which a user is given the minimum levels of access or permissions required to finish his/her job functions. Avoid using the Root user password for your daily tasks. Multi-factor Authentication is a multi-step account login process that requires users to enter more information along with the password.
Choosing a complex password can help prevent your accounts from being hacked if one of your passwords is compromised. It is also important to use different passwords for different accounts. You should also change your passwords regularly.
SSH keys (Secure Socket Shell) are used to authenticate and establish encrypted communication between a client and a remote machine over the Internet. It is more secure than other protocols and passwords.
✅Technologies used to protect the cloud
A firewall is used to monitor both incoming and outgoing network traffic based on certain security rules. The hardware firewall is a device that is designed between the gateway and your network. A software firewall is installed on your machine. A cloud firewall is a virtual firewall that runs in a cloud environment and is accessed over the internet.
Vulnerability scanning is the process of identifying security weaknesses and flaws in systems and software running on them. Virus scan is designed for detecting malware.
Data Loss Prevention is used to protect sensitive data and there is no data leakage in both in-transit and rest. It is designed to discover, classify, and protect sensitive data.
Encryption helps protect data from being accessed by unauthorized persons. The sender sends the plain text encoded into an unreadable format. It is decoded by the receiver who has the proper key. Use encryption with recommended protocols like (SSL/TLS) to transfer the data.