Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Three Ways to Keep Cloud Data Safe From Attackers

Due to the ease, flexibility and low cost of securely storing and sharing data between commercial cloud providers, by 2025 cloud deployments are expected to be a $68 billion market.

Due to the ease, flexibility and low cost of securely storing and sharing data between commercial cloud providers, by 2025 cloud deployments are expected to be a $68 billion market. However, current cloud deployments pose significant risks that could be mitigated with minor changes to infrastructure procurement and access.

Currently, most enterprises procure cloud instances using their company’s name. This lack of obfuscation in the billing trail provides an easy target for threat actors in the reconnaissance phase. Adding a simple layer of procurement obfuscation is an important first step that enterprises can take to better protect their most important data sources from potential threats. 

obfuscated cloud management The idea behind obfuscated billing is that an adversary may be able to access public records that tie an enterprise to a cloud deployment simply because their name is on the bill. When using an obfuscation strategy, the cloud deployment is procured through separate legal entities that make this discovery of the end user much more challenging.

Cloud obfuscation is another critical best practice given the rise of ransomware tactics that lock up critical business processes and data. Many recent ransomware attacks have involved a compromise of credentials that allowed criminals to access cloud instances. These backup environments were then corrupted with false data making it impossible to use them to recover from a ransomware attack.  

Enterprises need to make it much more difficult for threat actors to even know these backup environments exist. One way to do this is by totally disassociating the most critical business data from enterprise cloud deployments. This can be achieved by procuring a totally separate commercial cloud instance that is reserved for the company’s most sensitive data and only accessible through zero trust controls. In addition,this data should be encrypted in transit using keys controlled by the organization.

Cloud deployments allow for extremely cost effective and secure data environments. However, the evolving tactics of threat actors in conjunction with increasing potential insider threats makes additional layers of security essential to protecting an organization’s crown jewels. For example, the Department of Defense has long protected their most classified programs under a term called “Special Access.”  

Special Access Programs (SAPs) require a unique vetting process that is well above normal security clearance requirements, is only extended to personnel who have a need to know, and whose identity is often concealed using code names.  

Commercial enterprises can learn some important lessons from this approach. Whether it is sensitive customer data, health records, trade secrets, or financial information all organizations have data that requires additional levels of protection. An obfuscated cloud management approach is an essential strategy to keeping one’s crown jewels secure.

Advertisement. Scroll to continue reading.

RelatedAttackers Use Obscurity, Enterprises Should Too

Written By

Gordon Lawson is CEO of Conceal, a company that uses Zero Trust isolation technology to defend against sophisticated cyber threats, malware and ransomware at the edge. Previously, he served as president at RangeForce Inc. Gordon has nearly two decades of experience in the security sector with a focus on SaaS optimization and global enterprise business development from global companies including Reversing Labs, Cofense (formerly PhishMe) and Pictometry. As a naval officer, Gordon conducted operational deployments to the Arabian Gulf and Horn of Africa, as well as assignments with the Defense Intelligence Agency, US Marine Corps, and Special Operations Command. He is a graduate of the US Naval Academy and holds an MBA from George Washington University.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...