The cloud computing services have become an essential tool for most businesses. This trend has accelerated recently, services in the cloud such as Zoom, Microsoft 365 and Google Workspace and many others becoming the collaboration and productivity tools of choice for teams working remotely.
If the "cloud " isquickly become an essential tool, its adoption can also lead to additional cybersecurity risks .
Previously, most people who connected to the company network did so from their workplace and therefore accessed their accounts, files and company servers between four walls of the office building, protected by firewalls and other professional grade security tools. With the increased use of cloud applications, this is suddenly no longer the case: users can access business applications, documents and services from anywhere. This has resulted in the need for new security tools.
If positive pFor remote workers - because it allows them to continue working with a semblance of normalcy - remote working also represents an opportunity for cybercriminals, who have quickly took advantage of the switch to remote work to try to breaking into the networks of organizations that have misconfigured their security cloud.
Enterprise VPNs and Cloud Application Suites have become prime targets for hackers . If not properly secured, all of these can provide cybercriminals with an easy way to gain access to corporate networks. It suffices for attackers to get a username and password , by stealing them via a e- phishing mail or by using brute force attacks to crack simple passwords.
Like the intruder uses the legitimate login credentials of someone already working remotely , it is more difficult to detect unauthorized access allowed, especially considering that the switch to remote work has led some people to work at different hours than what might be considered normal working hours.
attacks against cloud applications can be extremely prejudicious for the victims, because the cybercriminals can stay on the network for weeks or months . Sometimes they steal large amounts of sensitive company information; sometimes they use cloud services as the initial point of entry to lay the groundwork for a ransomware attack that can lead them to steal data and deploy ransomware. This is why it is important that companies that use cloud applications have the appropriate tools and practices to ensure that users can use these services securely while being able to use them effectively.
Use multi-factor authentication checks on user accounts.
An obvious preventative measure is to put in place strong security controls over how uUsers connect to cloud computing services. Whether it is a virtual private network (VPN, Remote Desktop Protocol (RDP) service, or an office application suite, staff should need to more than its username and password to access these services.
"One of the most important aspects of the cloud is that identity is king. 'identity almost becomes your proxy for absolutely everything. All of a sudden the identity, its role and how you assign it has all the power, "says Christian Arndt, director of cybersecurity at PwC .
Whether it is software (the user must press an alert on their smartphone) or hardware (the user must use a secure USB key on their computer), Multifactor Authentication (MFA) constitutes an effective line of defensee against unauthorized access attempts to accounts. According to Microsoft, the MFA protects against 99, 9% of fraudulent login attempts .
Not only does it prevent unauthorized users from accessing accounts, but the notification sent by the service, which asks the user if they have attempted to log in, can be used as a Alert to signal that someone is trying to access the account. It can be used to warn the company that it might be the target of malicious hackers.
The ability to easily store or transfer data is one of the main benefits of using cloud applications, but for businesses who want to ensure the security of their data, their processes should not be limited to uploading data to the cloud and forgetting iter. There is one more step that businesses can take to protect data uploaded to cloud services: encryption.
Just like when stored on ordinary PCs and servers, data encryption makes it unreadable and conceals it from unauthorized or malicious users. Some cloud service providers provide this service automatically, providing end-to-end protection of data to and from the cloud, as well as within it, to prevent they are not manipulated or stolen.
Apply the security patches as soon as possible.
Like other applications, cloud applications can receive software updates as vendors develop and apply fixes to make their products perform better. These updates may also contain fixes forsecurity vulnerabilities, because just because an application is hosted by a cloud computing provider does not mean that it is invulnerable to security vulnerabilities and cyber attacks.
Fixes security critical for VPN and RDP applications have been published by vendors to address security vulnerabilities that expose businesses to cyber attacks. If these fixes are not applied quickly enough, cybercriminals may abuse these services to make them an entry point into the network that can be exploited for further cyber attacks.
Use tools to find out what's on your network.
Companies are using more and more cloud services, and keep track of allthe applications and all the servers that have been put into operation is no small task. But there are very many instances where corporate data is exposed due to misuse of cloud security. A cloud service can be left open and exposed without the company knowing . Public storage resources exposed in the cloud can be discovered by attackers, which can put the entire organization at risk.
In these circumstances, it may be useful to use cloud security posture management (CSPM) tools. These can help organizations identify and respond to potential security issues related to misconfiguration in the cloud, providing a means of reducing the attack surface that hackers can examine, and helping to maintain security. cloud infrastructuresecure against potential attacks and data leaks.
"Cloud security posture management is a technology that assesses configuration drift in a changing environment, and will alert you if things are one way or the other. another out of sync with what your baseline is. This may indicate that there is something in the system that can be exploited for compromise, "says Merritt Maxim, vice president and research director at Forrester.
CSPM is an automated process and the use of automated management tools can help security teams stay on top of alerts and developments. The cloud infrastructure can be vast, and having to manually comb through the services to find errors and anomalies would be too much of a burden for a human - especially if there are dozens of different cloud services out there. the network. AutomationAtion of these processes can therefore contribute to the security of the cloud environment.
"You don 't have enough people to manage 100 different tools in a changing environment every day, so I would say try to consolidate on platforms that solve a problem. big problem and apply automation, "says TJ Gonen, cloud security manager at Check Point Software, a cybersecurity company.
Make sure that the administrator and user accounts are separated.
Cloud services can be complex and some members of the IT team will have highly privileged access to the service to help administer it. Compromising a high-level administrator account could give an attacker extensive control over the network and the ability to perform any action that administrator privileges allow, which could be extremely damaging to the attacker. 'businesswhich uses cloud computing services.
It is therefore imperative that administrator accounts are secured by tools such as multi-factor authentication and that administrator-level privileges are only granted to employees who need them to do their job. According to the NCSC , the Administrator level devices should not be able to directly browse the web or read e-mail, as this could compromise the account.
It is also important to make sure that regular users who do not need administrator privileges do not have them, because in the event of account compromise, an attacker could quickly exploit this access to take control of cloud services.
Use backups as a backup plan.
But while cloud services can offerbenefits organizations around the world, it is important not to rely entirely on the cloud for security. While tools like two-factor authentication and automatic alerts can help secure networks, no network is impossible to penetrate, especially if additional security measures have not been applied.
This is why a good cloud security strategy should also involve data backup storage and their offline storage , so that in the event of an event causing cloud services to be unavailable, the company has something to work on.
Use easy-to-use cloud applications for your employees.
There is something else companies can do to ensure the security of the cloud, and that is to provide their employees with the right tools.ls right off the bat. Cloud application suites can make collaboration easier for everyone, but they also need to be accessible and intuitive to use, otherwise organizations run the risk that employees won't want to use them.
A business could put in place the most secure suite of cloud applications possible, but if it's too difficult to use, employees, frustrated at not being able to do their jobs, could turn to public cloud tools instead .
This issue could lead to company data being stored in personal accounts, creating a greater risk of theft, especially if a user does not have authentication to two factors or other controls in place to protect his personal account.
Theft of information on a pe accountrsonnel could potentially lead to a widespread data breach or a broader compromise of the organization as a whole. .
Source: " HFrance.com