As businesses increasingly adopt cloud-first strategies moving more workloads and applications into the cloud, security continues to be a major source of concern. Organisations that are looking to embrace the agility, flexibility, and cost advantages of the cloud need to understand the challenges associated with cloud migration
and develop best practices for improving security in a cloud environment
. Why choose Wavex for your Cloud project? The benefits of cloud migration & management services How to put in place Cloud backup best-practices to avoid data loss
Misconfigurations and inadequate change control
Misconfigurations of cloud security settings are a leading cause of cloud data breaches, according to a report by the Cloud Security Alliance. Incorrect set up makes assets vulnerable to attack. For example, the breach suffered by Capital One in 2017 that exposed the private data of 123 million households was traced back to a web application firewall misconfiguration.
Data breaches remain the top cloud security threat and the consequences can be devastating for a business:
- Financial expenses incurred due to incident response
- Damage to reputation and trust
- Loss of intellectual property (IP)
- Regulatory fines
- Legal and contractual liabilities
- Brand impact and market value decrease
Lack of cloud security architecture and strategy
Before moving to the cloud, organizations must plan for a proper security architecture and ensure cloud migration strategy
is in place. To migrate to the cloud securely, the first step is understanding the threats organisations are exposed to and the shared responsibility model detailing which security tasks are handled by the cloud provider and which tasks are handled by the organisations.
Account hijacking is a threat in which malicious attackers gain access to and abuse accounts that are highly privileged or sensitive. In cloud environments, the accounts with the highest risks are cloud service accounts or subscriptions. Phishing attacks, exploitation of cloud-based systems, or stolen credentials can compromise these accounts.
Insufficient identity, credential, access and key management
The majority of cloud security threats, and cybersecurity threats
in general, can be linked to identity and access management issues. This stems from the following:
- Improper credential protection
- Lack of automated password and certificate rotation
- Absence of multifactor authentication
- Weak passwords