Cloud Security

What is Cloud Security?

Cloud security is a phrase used to describe the wide array of policies, technologies and controls utilized to safeguard data, applications and all associated infrastructure of cloud computing. More and more small businesses are transitioning into cloud-based environments through their use of solutions and services such as Microsoft 365, Amazon AWS, Salesforce, etc. Therefore, it is imperative to consider not only the security of any such solution while configuring and implementing it, but also its continued security once it is in use on the network.

Why is Cloud Security important for small business?

Since cloud computing is such a new field, most IT teams lack the knowledge of how to properly secure their cloud and usually rely on the vendor to have safeguards in place.

Strong password and authentication (e.g. multi-factor) policies should be enforced, and access to critical data should be pre-authorized. Relying solely on the cloud vendor to provide security and safeguards is futile, since the vendors can be easily compromised, as was the case with Accenture, Time Warner Cable, and Amazon Web Services when their stores of data and metadata were accidentally configured to be open to the public. It is important that IT teams continuously and meticulously monitor the security of deployed cloud solutions. Small businesses are often targeted because of their limited resources, which lead to weak network infrastructure and unprepared IT teams; it is critical that small businesses do everything possible to ensure that the cloud solutions and services they entrust their data to are properly secured, and that they do not rely solely on the vendor's security capabilities.

List of best practices

Encryption (In Motion)

Encryption in motion hides the information within files of data as it moves through your network. As such, encryption in motion is essential for ensuring that hackers cannot access information even if they get into your network. Best practices begin with only transmitting data over SSL (Secure Sockets Layer) and relying on strong security protocols such as TLS (Transport Layer Security). Make it a priority to use encryption, even with data that is in a local network and behind a firewall.

Encryption (At Rest)

Encryption protects the sensitive data of your company by making the contents of a disk or files unreadable without a special key. When encryption is used properly, it is impossible to access your important data without decrypting it. To make full use of encryption, implement a policy where you encrypt all crucial files before saving them. You can choose to do so on a file-by-file basis or for whole disks, folders or USB drives. Encryption is particularly crucial for any business using cloud storage.

Perimeter Firewall

The perimeter firewall acts as the main defense for your private network’s perimeter, working to detect threats and unwanted traffic and protect your network from them. The perimeter firewall can block incoming traffic from getting to the internal network and outgoing traffic from reaching networks the company does not want it to use, such as social media. As with a regular firewall, you should regularly check the configuration settings for a perimeter firewall and update them when necessary. You should also opt for deep packet inspection when possible.

Host-Based Intrusion Detection & Prevention Systems (IDS/IPS)

A host-based intrusion prevention system prevents an attempt at intruding into the network while at the same time logging the incident for later analysis. You should ensure that the logging is activated, as this can be a compliance standard. You should combine this with other protections, test the system’s ability to remove malicious code and be prepared to modify your IT strategies when necessary.

Multi-Factor Authentication

Multi-factor authentication is the process of requiring an additional security code to log into an account or make certain high-level changes. This is a crucial security measure that means that a hacker cannot get into your system even if they have an employee’s password. The best solution is to require multi-factor authentication for all accounts that have access to any sensitive information.

Activity Logging

Activity logging is the process of recording the activities of all users who access your cloud or network. It can be used to confirm that workers stay on task on a regular basis, and following a security breach, activity logs can help determine how the threat gained access. The activity logs should also include an alert when users take certain actions or when they manipulate data.
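
The alerting described above can be sketched as a small rule engine over an activity log. This is an added example, not part of the original page; the log format, action names and thresholds are assumptions, and the log lines are constructed sample data.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample activity log (JSON lines); field names are assumptions,
# not any provider's real export format.
SAMPLE_LOG = """\
{"ts": "2024-03-04T09:00:05", "user": "alice", "action": "file.read", "target": "q1-report.xlsx"}
{"ts": "2024-03-04T09:01:10", "user": "bob", "action": "file.delete", "target": "contracts/a.pdf"}
{"ts": "2024-03-04T09:01:40", "user": "bob", "action": "file.delete", "target": "contracts/b.pdf"}
{"ts": "2024-03-04T09:02:15", "user": "bob", "action": "file.delete", "target": "contracts/c.pdf"}
{"ts": "2024-03-04T09:30:00", "user": "carol", "action": "sharing.make_public", "target": "payroll/"}
{"ts": "2024-03-04T11:00:00", "user": "alice", "action": "file.delete", "target": "draft.txt"}
"""

ALWAYS_ALERT = {"sharing.make_public", "role.grant_admin"}  # alert on every occurrence
BURST_ACTION = "file.delete"        # data manipulation that is normal in small numbers
BURST_LIMIT = 3                     # this many within the window raises an alert
BURST_WINDOW = timedelta(minutes=5)


def find_alerts(log_text):
    """Return (timestamp, user, reason) tuples for events that need a human look."""
    alerts = []
    recent = defaultdict(list)  # user -> timestamps of recent BURST_ACTION events
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        ts = datetime.fromisoformat(event["ts"])
        user, action = event["user"], event["action"]
        if action in ALWAYS_ALERT:
            alerts.append((event["ts"], user, f"{action} on {event['target']}"))
        elif action == BURST_ACTION:
            # Keep only this user's deletions that fall inside the sliding window.
            window = [t for t in recent[user] if ts - t <= BURST_WINDOW] + [ts]
            recent[user] = window
            if len(window) == BURST_LIMIT:  # fire once, when the threshold is reached
                alerts.append((event["ts"], user, f"{len(window)} deletions within {BURST_WINDOW}"))
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(*alert, sep=" | ")
```

A single deletion (alice at 11:00) stays quiet, while a burst of deletions or any change that makes data public is surfaced for review.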

Securely offboard cloud users

Secure offboarding is the process of ensuring that someone who leaves your organization no longer has access to the applications and files they previously did, and it should take place whenever someone leaves. If this is not done, a disgruntled employee could target your company, or an employee could view sensitive information they should not have access to under compliance regulations. A simple solution is to consolidate all the passwords and usernames for each user so you can easily delete them from the network following termination of employment. Alternatively, you can have a specific checklist in place that IT must follow to remove the employee credentials.
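
The offboarding checklist and the multi-factor authentication requirement described earlier can both be verified against a consolidated list of accounts. This is an added example, not part of the original page; the service names, field names and records are constructed assumptions standing in for exports from your own HR system and cloud services.

```python
from datetime import date

# Constructed HR record of departures: username -> last working day.
DEPARTED = {"dave": date(2024, 2, 16), "erin": date(2024, 3, 1)}

# Constructed per-service account exports; services and field names are assumptions.
ACCOUNTS = [
    {"user": "alice", "service": "email", "enabled": True, "mfa": True,
     "sensitive": True, "last_login": date(2024, 3, 4)},
    {"user": "bob", "service": "crm", "enabled": True, "mfa": False,
     "sensitive": True, "last_login": date(2024, 3, 4)},
    {"user": "dave", "service": "email", "enabled": False, "mfa": True,
     "sensitive": True, "last_login": date(2024, 2, 15)},
    {"user": "dave", "service": "crm", "enabled": True, "mfa": True,
     "sensitive": True, "last_login": date(2024, 2, 20)},
    {"user": "erin", "service": "storage", "enabled": False, "mfa": True,
     "sensitive": False, "last_login": None},
]


def audit_accounts(accounts, departed):
    """Return sorted (user, service, finding) tuples for offboarding and MFA gaps."""
    findings = []
    for acct in accounts:
        user, service = acct["user"], acct["service"]
        left_on = departed.get(user)
        if left_on is not None:
            # Departed user: every account on every service must be disabled.
            if acct["enabled"]:
                findings.append((user, service, "account still enabled after departure"))
            if acct["last_login"] and acct["last_login"] > left_on:
                findings.append((user, service, "login recorded after departure"))
        elif acct["enabled"] and acct["sensitive"] and not acct["mfa"]:
            findings.append((user, service, "sensitive access without multi-factor authentication"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_accounts(ACCOUNTS, DEPARTED):
        print(*finding, sep=" | ")
```

In the sample data dave's email account was disabled but his CRM account was missed, which is the gap that a per-user consolidated view is meant to catch.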

Ensure proper data deletion

When employees delete data from the network or a specific device, it must be truly deleted to prevent potential privacy issues and the ability of others to access that data. You will have to contact your cloud provider to discover what actually happens when you delete data. Use this information to create a data deletion policy that ensures all data is permanently deleted and cannot be accessed, whether by someone within the organization or an external party.

Talk to your cloud provider

Having open communication with your cloud provider is important, as it helps you understand the various security measures built into the system and what steps you need to take to enhance them. Additionally, the ability to communicate with your provider lets you contact them easily and immediately in the case of a problem such as a system outage or hacking attempt that deserves their attention. Best practice is not to contact the cloud provider for every little issue, but to have enough contact to confirm that they have excellent response times.

Confirm you own the data in the cloud

Check the policy of your cloud provider to confirm that your company owns the data you store in the cloud. Without confirmation, it is possible that the cloud provider as the host has at least partial ownership of the data, which could put you at risk of losing intellectual property rights. There would also be a risk of the cloud provider accessing sensitive information about your company or clients. If your provider’s agreement does not give you full ownership of the data you store in the cloud, switch to one that does, as this is a non-negotiable security measure.

Establish a disaster recovery plan

As with every other aspect of your company, you must have a disaster recovery plan in place for your cloud security. This is one of the times you should talk to your cloud provider, confirming that they have a solution in place to maintain service to the cloud in disaster situations and to get the cloud back up as soon as possible if it goes down. You must also have your own disaster recovery plan in place in case the service is unavailable. Best practices include keeping backups of crucial files on hard drives in addition to those in the cloud, and being able to perform basic tasks without reliance on the cloud.
