Understanding SMB Cloud Security: A Shared Responsibility
Defining Cloud Security
Cloud computing security (also referred to simply as cloud security) is the security of data, applications, and infrastructures associated with cloud computing. Relatively speaking, a majority of the features comprising cloud security for cloud environments—whether hybrid, private, or public—are quite similar to those of any on-premise IT architecture.
Cloud systems are affected by the same high-level security concerns as traditional IT infrastructures: availability disruptions, susceptibility to attacks, inadequate access controls, as well as data exposure and leaks. Cloud security involves implementing sufficient preventative measures so users:
- Know their organization's data and applications are safe and secure
- Know the ongoing state of security
- Know if any critical events occur in a timely fashion
- Can quickly discover, trace and react to sudden security events
Security Pain Points Connected With Cloud Infrastructures
Cloud infrastructures allow clients to store and process data via third-party data centers. Several cloud service models exist and include (but may not be limited to) Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). As mentioned above, the deployment models include hybrid, community, public, and private.
Cloud security concerns fall into two general classes:
- Security dilemmas encountered by cloud providers (SaaS, PaaS, and IaaS providers)
- Security dilemmas encountered by customers of cloud providers (organizations or enterprises that store data or host applications on the cloud)
It should be noted that the responsibility of security is a shared endeavor. While providers must ensure the defense of their cloud infrastructure, customers must also use strong passphrases and authentication measures to protect their data and fortify their applications.
When organizations choose to store data or host applications on a public cloud service, they forfeit physical access to the servers hosting their data and/or applications. For this reason, sensitive data and applications are most vulnerable to insider attacks (malicious attacks on an organization's IT infrastructure committed by people from within the organization).
According to a report released by the Cloud Security Alliance, malicious insiders were listed as the third top threat to cloud computing.
The report states:
"The threat of a malicious insider is well-known to most organizations. This threat is amplified for consumers of cloud services by the convergence of IT services and customers under a single management domain, combined with a general lack of transparency into provider process and procedure."
With this understanding, it becomes abundantly clear that cloud service providers must do their best to ensure thorough background checks have been done on employees with physical access to data center servers. In addition to that, data centers should be constantly monitored for malicious activity.
Things That Make Cloud Security Different
While many people comprehend the outstanding advantages offered by cloud computing, many of them are equally discouraged by security threats. This is quite understandable, as cloud technology remains a complex concept for the average user: digital assets exist somewhere among nebulous resources and are transmitted through the Internet and physical servers. It is an ever-changing environment where things, security threats included, are invariably evolving.
The most important thing to remember: Cloud security is IT security. Once one realizes the specific differences between cloud security and physical IT security, the "cloud" will not seem as precarious anymore.
Software-Defined Everything (SDE)
Due to hardware and software innovations, people and organizations are more connected than ever. Software is running more and more of the real world, driving tremendous advances in networking. Global and societal trends have been pushing transformations in compute, storage, networking, and security since the start of the Digital Age. Today, cloud technology is stoking the Software-Defined revolution.
Thus, the cloud can be defined as hosted resources delivered to clients by way of software. Such infrastructures—as well as the data processes—are portable, scalable, and dynamic. Cloud security must be responsive to environmental variables and organizational workloads while at rest and in transit; it must achieve this either as an inherent part of the workload (such as in encryption) or dynamically by way of a cloud management system and application programming interfaces (API). This is what shields cloud infrastructures from data corruption and/or loss.
An Ever-Evolving, Sophisticated Cyber Threat Landscape
Sophisticated cyber-threats can be defined as anything that negatively affects modern computing technologies which include cloud infrastructures.
More advanced malware and other types of malicious software such as Advanced Persistent Threats (APTs) are designed to skirt network defenses by targeting weaknesses in the computing stack. Data breaches occur in the form of proscribed information disclosure and data tampering. No obvious solution exists to safeguard against such threats; all that can be done is for providers and customers to follow a series of Security Best Practices.
Cloud Security Is a Shared Liability
Regardless of which cloud deployment one uses, each customer is responsible for securing their own space within that cloud environment. In other words, just because someone uses a cloud service owned and maintained by another company does not mean they can take security for granted. Insufficient due diligence is one of the top reasons for security failures. Cloud security responsibilities include:
- Choosing the right people
- Understanding relevant laws, policies, and regulations for compliance
- Using trusted software from reputable vendors
- Managing lifecycles with lifecycle-aware components
- Continuous monitoring to identify compliance and risk concerns
- Considering portability between databases
Some Security Best Practices
In order to improve security for those using only cloud-based services, this section covers identity management and access control security best practices. It is highly recommended to use Azure Active Directory (Azure AD) for user authentication and enhanced security. According to Microsoft, "The Azure Active Directory (Azure AD) enterprise identity service provides SSO and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks."
Some other security best practices include:
- Secure Score in Microsoft Defender Security Center: "The Microsoft secure score tile is reflective of the sum of all the security controls that are configured according to the recommended Windows baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings." Read more - Improving IT Security with Microsoft Secure Score
- Microsoft Advanced Threat Protection (ATP) Plan 1 and 2: Merges Office 365 Advanced Compliance and Azure Information Protection. Designed to help IT and compliance teams, Microsoft Advanced Threat Protection (ATP) Plan 1 and 2 offer continuous risk evaluations across Microsoft Cloud services, automatically guard and oversee sensitive data during its lifecycle, and efficiently respond to regulatory demands leveraging intelligence.
- Weekly Computer Patching: Prompt patching is essential to security best practices. Though estimates vary among experts, most would agree that around 80 percent of attacks use vulnerabilities for which patches already exist. Additionally, most of those vulnerabilities had patches available for 12 months or so before the attack.
- Ensure all desktops are backed up to OneDrive or Google Drive.
- One should seriously consider enacting a no-file-download policy to local computers. Additionally, file editing should be done over the cloud, making it easier to control data security and manage files if and when an employee leaves the organization.
Many of the above-mentioned tasks should be repeated weekly to prevent cybersecurity threats.
For more information, browse our Free IT Guides on IT Security and Management.
For IT Services in Toronto, please reach out to us today. We are TUCU, and we are SMB IT experts serving Toronto since 2003. We'd love to speak with you about your technology needs.