Cloud Considerations Learned from the Pandemic

Over the last 18 months, there have been massive scale changes in how everyone works, learns and socializes online primarily due to the pandemic. We all had to stay home; a switch flipped and being online was more critical than ever before.

Cyber attackers took advantage of this situation, not with the development of advanced threats, but by accelerating existing malware campaign capabilities with minor enhancements. For example, there has been growth in DDoS attacks, disconnecting employees from work and acting as a smokescreen that distracts security teams long enough for a penetration attack to map the network and deploy malware on vulnerable devices. Many of these attacks are targeted at critical verticals such as education and healthcare, with vast phishing and ransomware campaigns causing systems to go offline. For many, there has been no choice but to pay the ransom to get back online fast.

Cloud platform attacks are growing in frequency as more people must rely on cloud services for their daily work – collaboration, file-sharing and videoconferencing, to name a few. The common methods of these attacks are password theft via spear-phishing or user-coercion, which allow an attacker to steal data or take control of cloud systems, as well as malicious videoconferencing access that can not only disrupt business, but also allow an unknown user to hide in plain sight and secretly listen in on confidential conversations. 

All types of attacks are damaging, potentially affecting business flow and reputation, but enterprises have been quick to learn due to the rapid transition to remote working environments. With the proliferation of mobile devices and requirements for always-on connectivity and access, we’ve all become familiar with the conversation around shifting network perimeters and the elastic security needed to expand and contract based on dynamic usage and demand. 

The Network Pushed to the Edge

The pandemic pushed the network perimeter to its furthest extent, with nearly all users shifting to remote work environments overnight and cloud services becoming the norm. This change forced security and IT teams to adapt instantly. 

The move to remote working added cyber risk as employees used personal devices to access corporate information. Attackers knew this and, therefore, increased phishing campaigns targeted at personal email accounts in the hope of stealing data or spreading malware and ransomware. As we move into a hybrid work model, employees will continue to need constant security awareness training and updates that are also adaptable for a remote workforce.

The network is the lifeblood of business, so it must be secured and constantly monitored from edge-to-edge, including cloud and physical environments. Machine learning and analytics are vital to keeping the network in tip-top shape, aiding security teams with fast responses and recommendations to ever-changing situations. Moving forward, security and IT professionals will apply these critical learnings to ensure future stability and availability of systems as users continue to do their jobs in the hyperconnected, distributed world.

Making the Move to Cloud Safely

Cloud allows businesses to scale reliably with guaranteed performance as well as the knowledge that the latest version of the software is always in use. This is the responsibility of the cloud provider and is carried out automatically. Using definitive software reduces the risk of attacks as any new vulnerabilities are identified and quickly fixed.

Before making the move to the cloud, here are a couple of suggestions to ensure that adoption remains safe and secure:

• Ensure that the cloud provider puts security first and offers recognized security solutions to protect applications and data. Ideally, engage with a cloud provider that can extend existing data center security into the cloud. Doing so reduces the learning curve for the security team and enables the same policies to be developed and deployed across physical and cloud infrastructure.

• Agree on a strict security service-level agreement (SLA) for downtime, application of patches, and security updates. Ensure it includes thorough, clear processes for what happens in the case of a system-wide attack such as a provider-level DDoS attack or advanced breach. 

• Make sure that the provider supports and uses the strongest password process available. This will include complex passwords and a form of multi-factor authentication based on applications and/or tokens.

Remember that the security for any cloud-based instance of a product is only as strong as the protection policies and passwords in place. An administrator can still make mistakes, and we have seen this regularly with exposed databases on the internet. 

Is it all about technology?

An effective security culture is created with better awareness for users, so it’s rare to come across an enterprise today that does not have a security awareness program in place. But how many of these programs have been adapted for remote working? This change is necessary as a wholesale return to the office in the short term is unlikely – in fact, it may never happen.

• Train users to be aware that complex passwords and multi-factor authentication are not just for their work computer but for personal devices too, and when well-adopted, are a benefit rather than a headache. If a remote user is using a personal device to connect to corporate resources, then a weak password on their computer is a business risk. Create training modules that cover password managers, authenticator applications and complex yet easy-to-remember password creation.

• Home IoT devices can be a weakness as consumers typically set them up with factory default security (e.g., weak or no passwords). A training module on home IoT would be valuable and perhaps enhanced by a special support email address or number where users could ask for advice on how to best set up home IoT devices for safety.

And How Does the Future Look?

In 2020, many moved from office to remote work, while businesses had to scale out with barely a day’s notice. This has all proven the reliability, performance and security of cloud solutions as well as demonstrated the ease of use for administrators and users.

Cybersecurity remains a key investment element for any organization, and we cannot become complacent; security policies must be regularly reviewed and updated. Just as they invented new methods to target a remote workforce, attackers will start looking for new and innovative ways to break into cloud solutions.

However, the adaptability of the cloud means that we will see continued growth into the future. Organizations will adopt new solutions, as well as expand what is already in place. The flexible and secure nature of the cloud allows security and application teams to focus on defining strategy for the future rather than being consumed by the management of what is in place today.
