Cloud services are the foundation of modern business practices’ digital-first approach, and they are here to stay. According to Forrester, an analyst firm, cloud computing will more than double its global market value within a five-year time frame. It is expected to grow from $91 billion in 2015 to $191 billion by 2020.
Despite this remarkable growth, many still fear cloud security challenges and risks. According to a report from VIPRE, 66% of small and medium-sized businesses anticipate they would have to close their operations for a minimum of one day if faced with a serious data breach. Many believe they would never reopen.
As cyber security experts, we recommend taking a proactive approach to cloud security. There are now more than 9,000 cloud applications, McAfee Skyhigh Labs reports, creating many more opportunities for breaches. Governing and auditing efforts have not advanced enough to safely manage this growing industry, leaving it vulnerable to data exfiltration.
By taking the proper precautions, you can help protect your organization from cyber attacks. Learn about a few top cloud security challenges and risks below, and find out how your organization can take ownership of its cloud security today.
1. Weak Password Security and Practices Are a Company-Wide Risk
Too often, cloud security breaches are caused by poor password security and practices rather than weaknesses in cloud systems. Take the Citrix data breach from March of this year, for example. According to CPO Magazine, it appears that hackers took advantage of weak employee passwords to gain access to some of Citrix’s internal files and communications.
IRIDIUM, a major Iranian cyber criminal group, is suspected to be responsible for the breach. Infamous for attacking at least 200 organizations, these hackers concentrate on targeting government agencies and important economic stakeholders. In July, Citrix’s president and CEO, David Henshall, confirmed that cyber criminals used password spraying to steal information from the company’s internal network.
The password spraying technique is a brute-force hacking tactic that involves using confirmed usernames and a password list based on known information and educated guesses. Hackers test passwords one at a time with every available username to limit failed login attempts and bypass the resulting account lockouts.
As the Citrix breach illustrates, attackers target lower level accounts with poor security to gain network access. The FBI’s statement to the press about the hack acknowledges that even “a foothold with limited access” can lead to cyber criminals “work[ing] to circumvent additional layers of security.” Unfortunately, an organization’s security is only as strong as its weakest password. A hacker only needs to compromise one user’s security to gain access to valuable information in your company cloud.
Once a breach occurs, it can be difficult to recover and regain customers’ trust, especially if customer data or other sensitive business intelligence is jeopardized. As a Department of Defense approved vendor and the cloud service provider to the U.S. military, Citrix’s breach has had a widespread impact on the government contracting and I.T. communities. Government contractors and private companies that have interacted with Citrix must confront the possibility that their information may have been compromised. Likewise, those that use Citrix’s products or services moving forward have to consider potential long-term ramifications of the breach. The attack could have yielded intelligence that the hackers will be able to use to launch attacks on Citrix in the future, putting new customers at risk as well.
Weak password security and verification is one of the greatest threats to cloud security, and maintaining password security must be the responsibility of both the cloud server and its users. Even if you understand the importance of a strong password and two-factor authentication, it is critical to convey their significance to your entire organization and establish company-wide procedures to enforce best practices.
Protecting Your Organization with Stronger Passwords and Best Practices
While password vulnerability is a top cloud security risk, it is one that you have the power to mitigate. The more variations you add to a password, such as capitalizations and numbers, the more possibilities a brute-force hacker must go through to find your password.
It is critical that your organization follows the industry’s best practices for password security. The National Cybersecurity and Communications Integration Center (NCCIC) and United States Computer Emergency Readiness Team (US-CERT) recommend these guidelines for creating and managing strong passwords:
- Whenever possible, take advantage of multi-factor authentication.
- Always create unique passwords for each system and account. Never reuse passwords.
- Don’t incorporate personal information an outsider could guess or verify in your passwords.
- Make each password as long as possible. The allowable length may vary from system to system.
- Avoid using words that can be found in the dictionary, even for another language, in your passwords.
Ultimately, you need to use passwords that cannot be easily guessed by hackers, but can be easily recalled by those within your internal network. It can be challenging for your team to use passwords that are unique and complex, but this crucial protection must not be taken lightly.
Our cyber security expertise can help your organization get it right. If you are interested in a customized password generation and management system for your company, contact Entrust Solutions.
2. Cloud APIs Face Top Cloud Security Risks
A cloud API (application program interface) is a helpful tool for managing your cloud’s framework and facilitating interaction with cloud services. Cloud APIs give you the ability to oversee both your assets and users, but they also create cloud security challenges and risks.
By their very nature as a gateway between your cloud systems and applications, cloud APIs create exposure points in your network. Jason Macy, the CTO of Forum Systems, writes, “It doesn’t matter how secure the cloud service provider is, the APIs by which data is accessed will always remain a weak link in the chain, and therefore a major target for hackers. This is very alarming because functionality, not security, tends to be the primary concern when building an API.”
Despite the risks, cloud integration has become an inescapable necessity. According to Cloudability’s data analysis of 3,200 clients spanning 80 countries, 86% of businesses use multiple cloud services.
Businesses should not entirely forgo cloud integration over security concerns. Instead, your organization needs to understand APIs’ weaknesses and form an actionable plan to help prevent security issues.
Tips to Address Cloud API Security Challenges and Risks
Take these five steps to safely grow your organization using cloud API services:
- Check the coding. If the API uses poor coding, it is more likely that your information will be susceptible to attacks.
- Validate the SSL certificate. Weak validation provides hackers with easy access to your API’s keys, usernames, and passwords.
- Check utilization numbers. Employ API utilization to your advantage, and make sure your information has only been accessed by the desired parties.
- Manage the SOAP protocol and safeguard the XML format. The XML format is reliant upon the API’s Simple Object Access Protocol (SOAP). Your API’s SOAP determines how the application’s distributed elements communicate. Hackers can target the API’s SOAP to access its XML, spelling trouble for your organization’s data security.
- Have your own security measures in place. While you want to select a trustworthy server, it is important that you put your own encryption system into place as well to help ensure the protection of your data.
At Entrust, our highly skilled I.T. professionals can create a personalized encryption system for your organization. Our technology solutions are available to protect your cloud API security and mend weak points in the interface system. Contact us today to learn more about how we can help.
3. Insider Threats Pose Significant Cloud Security Challenges and Risks
Cloud security risks are not purely external. Cloud services can provide your employees with broad access to your organization’s sensitive information. In many cases, employees download and upload files to their company’s cloud throughout the day to complete their work, making it much more difficult to track a malevolent download.
McAfee Skyhigh Labs’ 2019 Cloud Adoption and Risk Report revealed deviant user behavior indicating insider threats within 85% of organizations. Just 17% of security teams were aware that their organization was exposed to an insider threat, making this an especially significant risk.
The nefariousness of insider threats ranges from carelessness to malice, but all can be damaging. In one extreme case, an employee used over 180 risky cloud services on the job. This individual made significant data uploads to a number of questionable services, including more than 500 MB to LiveLeak. The site is notorious for facilitating leaks from government agencies and private companies.
Even if an employee does not directly leak data, they could allow outsiders to access your cloud, who then act maliciously. In an unprecedented case of insider threat, a Verizon Enterprise Solutions employee misused system access to outsource his job. The company’s security team was investigating anomalies in their system when they discovered that a user from Shenyang, China was accessing their I.T. system with an American employee’s information during work hours. Further investigation revealed that the employee had employed a Chinese consulting firm to complete his work. The Chinese developer would log into Verizon Enterprise Solutions’ system to perform the employee’s work, giving the Chinese firm ongoing access to company information.
Unlike the employee who intentionally uploaded company information to high-risk cloud services, the Verizon Enterprise Solutions employee’s goal was not to damage his organization. However, both employees were responsible for serious cyber security risks. Whenever workers have access to your company cloud or other sensitive information, it is necessary to take steps to protect your organization from insider threats.
How to Protect Against Insider Threats
Insider threats are one of the top cloud security challenges and risks, but cloud systems must be operated by your internal network. This dichotomy requires your organization to implement protection tactics.
Companies have already gotten smarter about analyzing the vast amount of data in cloud servers to optimize performance, and it is now time to use analytics for protection as well. Haiyan Song, Splunk’s Senior Vice President & General Manager of Security Markets, believes we will continue to see businesses combine analytics and security to improve performance and preserve organizations’ data integrity.
Another way your organization can reduce insider threats is by granting employees access to exactly what they require to perform their jobs and nothing more. If an employee only needs temporary access to certain data or information stored in the cloud, grant them access when they need it and be sure to remove it afterward.
In addition, regularly review who has access to what, and be sure to revoke access to anyone who leaves the company right away. This can help limit insider threats while also narrowing down who could have committed an attack if one occurs. Think of this as your internal security clearance process.
Honeypots are another option for safeguarding your data. A honeypot, or an intentionally insecure computer, can be created to attract hackers and distract them from identifying and targeting genuine weaknesses. While honeypots are traditionally used against external threats, they can be designed for insider threats as well.
Organizations can create cloud server honeypots to protect against insider threats. When an internal user targets the honeypot within your cloud services, it will reveal them as a threat to your organization. Innovative cyber security solutions such as this are critical to addressing cloud security challenges and risks.
Protect Against Cloud Security Challenges and Risks with Entrust’s Cyber Security Expertise
Cloud security challenges and risks should not prevent you from utilizing these important services. At Entrust Solutions, our goal is to empower you to take ownership of your cloud data’s protection.
While poor password security, API weaknesses, and insider threats can all be addressed by skilled cyber security professionals, they are easily overlooked. Too often, internal I.T. departments are overwhelmed with troubleshooting daily operations, and they need specialized outside assistance to develop strong cyber security systems in a timely manner.
As leaders in the cyber security sector, our experts are ready to help your organization safeguard its cloud data. Contact Entrust Solutions today for your personalized protection plan.