How are cloud providers protecting (and not protecting) your organisation?
What do you need to understand about your own and the cloud provider’s responsibilities to effectively protect the resources placed there?
The cloud is here and will stay for good – digital transformation has only accelerated its adoption. Unfortunately, too often during this transformation, companies make the mistake of failing to differentiate between the specifics of their environments. The result is moving configurations and processes from an on-premises environment to a cloud environment – without any customization.
The statement that the cloud is just another person’s server is only partially true – in fact, the cloud is more than just a server. It offers physical protection, such as access control and monitoring of who is entering the data center. This level of physical security is usually higher than companies provide for their own storage areas. A weaker version may be enough when we have data “at our fingertips” – meaning, for example, that we walk past the server room every day. With a cloud provider, that is not enough – many customers share the same space and may have different threats and needs. Not to mention people who want to attack those resources for various reasons. Cloud data centers monitor disk, memory and other factors that affect storage performance – plus they have redundant power. They also ensure physical storage is protected with encryption and other storage best practices.
One thing cloud providers cannot do is to make sure that we have done everything necessary to protect our data in the cloud. You can easily put a database in the cloud, but if you don’t secure it properly, all the proven data center security methods become useless. Microsoft calls this the shared responsibility model. They can provide secure infrastructure, secure hardware, and secure computing capabilities, but if you don’t follow best practices for password protection, security hygiene, and proper software security, data center best practices won’t protect you.
With this shared responsibility model in mind, the more you move away from on-premises solutions to software as a service (SaaS), the more responsibility the cloud provider has. If you have all of your data in on-premises solutions, you are responsible for all aspects of security and operations. You’re also responsible for properly classifying data and managing users and endpoint devices.
This split changes with solutions like:
- Infrastructure as a Service (IaaS) – the buildings, servers, network hardware and hypervisor are managed by the platform provider. You are responsible for securing and managing the operating system, network configuration, applications, identity and data.
- Platform as a Service (PaaS) – the responsibility for managing and securing network controls moves to the cloud provider.
The key weakness is usually remote access. Because we are used to the Remote Desktop Protocol (RDP), we often configure cloud services the same way. This opens up RDP without restricting who can connect or requiring two-factor authentication, when it would be better still not to use RDP at all to access cloud resources.
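One way to check for the unrestricted RDP access described above, as an added example that is not part of the original article. It assumes inbound rules shaped like Azure network security group rules (the field names follow that rule schema; the sample rules and function names are constructed for illustration) and reports the Allow rule that leaves TCP 3389 open to the Internet.

```python
# Added example: find the inbound rule that leaves RDP (TCP 3389) open to the Internet.
# Field names follow Azure NSG security rules; the sample rules below are constructed.
ANY_SOURCE = {"*", "internet", "0.0.0.0/0"}
RDP_PORT = 3389

def covers_port(spec, port=RDP_PORT):
    """True if a port spec such as '*', '3389' or '3000-4000' includes the port."""
    spec = spec.strip()
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def matches_internet_rdp(rule):
    """True if the rule applies to inbound TCP 3389 traffic from any Internet source."""
    ports = rule.get("destinationPortRanges") or [rule.get("destinationPortRange", "")]
    return (rule["direction"].lower() == "inbound"
            and rule["protocol"].lower() in ("tcp", "*")
            and rule["sourceAddressPrefix"].lower() in ANY_SOURCE
            and any(covers_port(p) for p in ports if p))

def exposed_rdp_rule(rules):
    """Name of the Allow rule exposing RDP, or None. Lowest priority number is
    evaluated first and the first matching rule decides."""
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if matches_internet_rdp(rule):
            return rule["name"] if rule["access"].lower() == "allow" else None
    return None

def rule(name, priority, access, source, ports):
    """Build one constructed inbound TCP rule for the samples below."""
    return {"name": name, "priority": priority, "direction": "Inbound",
            "access": access, "protocol": "Tcp",
            "sourceAddressPrefix": source, "destinationPortRange": ports}

# Constructed samples: a lifted-and-shifted default, a wide port range, a restricted
# source, and an explicit deny that takes precedence over a later allow.
LIFTED = [rule("allow-rdp", 300, "Allow", "*", "3389")]
WIDE = [rule("allow-apps", 310, "Allow", "Internet", "3000-4000")]
RESTRICTED = [rule("allow-rdp-office", 300, "Allow", "203.0.113.0/24", "3389")]
DENY_FIRST = [rule("allow-rdp", 300, "Allow", "*", "3389"),
              rule("deny-rdp", 100, "Deny", "*", "3389")]

if __name__ == "__main__":
    for label, rules in [("lifted", LIFTED), ("wide", WIDE),
                         ("restricted", RESTRICTED), ("deny-first", DENY_FIRST)]:
        print(label, "->", exposed_rdp_rule(rules) or "RDP not open to the Internet")
```

The check only models the rules it is given; platform default rules and source tags other than `Internet` are not evaluated.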
As of May 2021, the following are classified as key threats to cloud resources:
- Hijacking of access credentials to cloud accounts.
- Unsecured APIs.
- Malicious insider threats.
- Vulnerabilities in systems securing logins to the cloud.
You will be able to read about the details in the next article. In conclusion – the cloud provider will provide you with server security – both physical and virtual. You have to secure access with proper configuration, strong passwords and – what is often overlooked – raising awareness among end users.