The security of data and intellectual property is a matter of great concern for an IT Leader. In today’s environment, that means security in a cloud-based environment. It seems that every day a news item tells of a major breach at a high-profile company or government organisation.
Use of the Cloud has increased as many organisations move to an e-commerce basis following pandemic lock-downs. Often they use Managed Service Providers to host their web-based functionality.
The cloud infrastructure differs from that of a traditional ICT environment. A traditional environment has few external interfaces. They are usually well-managed behind a firewall and other antimalware and attack protections. All users are registered users with a security profile. Finally, there are limited types of devices that are known to IT attached to the network. The chief point of concern is online security. A second issue is users transferring data in and out of the network using online data stores like DropBox, and by using removable devices like flash drives.
Cloud Security brings a whole new range of threats. Firstly, there are increasing numbers and types of external interfaces that need to be managed and monitored. In addition to an Internet connection supporting email and web surfing, the Internet interface now supports access to other applications. Users want access to social media, and the communications infrastructure needs to support VoIP voice, video calls and incoming connections.
A major issue with remote access is that IT no longer has control over the devices that attach to their network. Users can use smart devices, laptops, tablets and PCs to access it. They can connect from home, or by WiFi from a public space. IT needs to make sure that communications are encrypted and secured, and that devices can be remotely scanned for malware.
Remote and work-from-home staff need access to the corporate systems anytime and from anywhere. In the supply industries, some organisations provide customers and suppliers with limited interaction with corporate systems. The general public want access to the corporate website, and to online support. This environment is highly complex and presents a much larger attack surface for unauthorised access to systems and data.
The answer to the question “Are your data really safe in the Cloud?” is no. However stringent the security measures, however rigorous the policing of network traffic, at some point the hackers will break the defences. To what extent and how quickly the organisation recovers depends on the defence and recovery programmes in place.
If you have outsourced your online presence to cloud infrastructure provided by a Managed Service Provider, then most of the security issues are down to them. You, however, need to take care of your internal issues, and have regular reviews of the security measures used by your MSP.
Consider defence first. The usual sporting analogy is that offence is the best defence. The anti-malware and intrusion systems must be proactive. Implement, and use, network management software that can detect unusual patterns of activity, particularly at the firewall. Even if it affects performance, make sure that the full range of protection is enabled on your firewall.
AI and self-defining networks can go a long way to providing monitoring and alert systems that reduce the need for dedicated staff.
Don’t neglect the desktop. Make sure all desktops have centrally managed anti-malware software, loaded, operational and up to date. Malware can spread across a network with lightning speed. All desktops need to be equipped with up-to-date malware protection.
The FBI state that most attacks begin with user errors. A phishing email sent to everyone will show how many employees actually respond. Users might introduce malware inadvertently or deliberately into the network using a removable device. They might try to steal data using a removable device. Their DVD and USB ports should be disabled in the BIOS to stop them.
If you have outsourced your operations to a cloud services provider, data theft and security breaches might start with their staff. Be very vigilant.
Second, how can you improve your chances of a full recovery?
Create, and test, a cloud backup regime that allows you to take your environment back to the factory settings and completely reinstall all operating and network systems, application systems and data from a backup suite. Test it, because it wouldn’t be the first time that backup media turned out to be corrupt or empty.
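One way to automate part of that test, as an added example that is not from the original article: record a size and SHA-256 digest for every file at backup time, then re-check the backup set before relying on it. The function names, manifest layout and sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in 1 MiB chunks so large backup files do not exhaust memory."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def write_manifest(backup_dir: Path) -> dict:
    """Record (size, digest) per file at backup time (hypothetical manifest format)."""
    return {str(p.relative_to(backup_dir)): (p.stat().st_size, sha256_of(p))
            for p in sorted(backup_dir.rglob("*")) if p.is_file()}


def verify_backup(backup_dir: Path, manifest: dict) -> dict:
    """Return {relative_path: problem} for every file that would fail a restore."""
    problems = {}
    for rel, (size, digest) in manifest.items():
        p = backup_dir / rel
        if not p.is_file():
            problems[rel] = "missing"
        elif p.stat().st_size == 0 and size > 0:
            problems[rel] = "empty"
        elif sha256_of(p) != digest:
            problems[rel] = "corrupt"
    return problems


def demo() -> dict:
    """Constructed sample: three backup files, then simulated damage to two of them."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "db.dump").write_bytes(b"constructed database dump")
        (root / "app.tar").write_bytes(b"constructed application archive")
        (root / "users.csv").write_bytes(b"constructed user export")
        manifest = write_manifest(root)
        (root / "db.dump").write_bytes(b"")  # file truncated to empty
        (root / "app.tar").write_bytes(b"constructed applicatioX archive")  # altered
        return verify_backup(root, manifest)


if __name__ == "__main__":
    for name, problem in demo().items():
        print(f"{name}: {problem}")
```

Keep the manifest somewhere other than the backup media itself, and treat a clean result only as a precondition for a full restore test, not a replacement for one.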
Don’t be complacent. Even if you have industrial-strength malware protection, you will be hacked at some point. To reiterate: the answer to the question “Are your data really safe in the Cloud?” is no.