Home » Topics » Cloud & Edge Computing » Harnessing the dark side the cloud: how to prevent the three biggest cloud dangers

Harnessing the dark side the cloud: how to prevent the three biggest cloud dangers

Avatar photoby Ben Rossi

The cloud gives an enterprise power, flexibility, scale and control. It’s an enormous set of computing power created by an interconnected, global information technology infrastructure.

It surrounds businesses and individuals and empowers them. It binds the global economy together, making it possible to perform tremendous feats and amplify abilities.

The cloud offers a myriad of benefits but needs to be secured to ensure its power is harnessed for good. What are the security certifications and protocols of these clouds? Where is corporate data held? How is it protected? Who has access to it? How long does the cloud provider maintain copies of data?

Attackers obfuscate malware communications when a worm, virus or botnet 'phones home' to send stolen data to a master computer

> See also: Understanding the three variants of cloud security

Malware families also use encryption to hide network information, including passwords or sensitive data, such as stolen bank account information, they are sending out to cloud-based servers. In fact, according to CGI Security, it’s actually easier to attack an organisation through applications that use encryption than those that don’t.

For example, an initial phish would go undetected because the Intrusion Prevention system did not include SSL visibility capability to look inside and identify the malware, and the enterprise’s firewalls were not sounding any alarms to block the packets.

Also, malware families such as Zeus are notorious for using encryption and other tricks to hide their command and control (C&C) communications from security-monitoring devices.

What to do about it: Ensure the organisation has visibility into SSL-encrypted cloud traffic. That means using SSL visibility tools that work with secure network gateways and other advanced edge security to inspect the traffic once it’s decrypted.

Attackers look for weaknesses on the perimeters of the cloud such as insecure interfaces and APIs

IT admins rely on interfaces for cloud provisioning, management, orchestration, and monitoring. APIs are integral to security and availability of general cloud services. Cloud Security Alliance reports highlight that as organisations and third parties build on these interfaces to build add-on services, complexity increases since organisations may be required to relinquish their credentials to third parties in order to enable their use of cloud systems.

This complexity can introduce avenues for credentials to be hijacked. Theses credentials can then be used to access data in cloud systems.

What to do about it: Encrypt or tokenise the data before it goes into cloud-based systems, so if the dark side does access the cloud, they will find that they only get access to meaningless replacement values.

The dark side can sometimes cause cloud users to forget about corporate guidelines for sensitive data

Such sensitive data includes healthcare data or payment card details, which cannot be stored in public cloud environments, or that certain end users in specific locations cannot access clouds that have risky profiles.

What to do about it: Control Shadow IT. Determine which clouds are being used, the relative risk of these clouds, and what types of data are being sent to these clouds. Armed with this knowledge, use technologies like cloud access security brokers (CASB) to monitor user behaviour for anomalous activity, and take proactive steps such as encrypting sensitive data so cloud use is secure. Specific steps include:

Restrict employee access to the myriad of new cloud applications that have sprung up in the past 5 years. Take advantage of cloud intelligence data feeds that can help your organisation understand the relative risks of using certain cloud applications.

Set policies to block specified data types from leaving the organisation via Data Loss Prevention (DLP) solutions that continually scan for things like patient data, credit card information and social security numbers.

> See also: 5 top tips on how to share files securely in the cloud

Inspect content coming from cloud applications to the enterprise, doing deep content analysis to prevent malware and other advanced threats from penetrating organisations.

Enterprises can and should have a clear and comprehensive understanding of the threats – both internal and external – to their cloud infrastructure and data, and use the abovementioned tips as a guide to address them with the most effective IT security approaches and technologies.

Harnessing the power of the cloud for good, carries massive business and technology benefits if the risks are proactively and wisely managed.

Sourced from Robert Arandjelovic, Director of Security Strategy, Blue Coat

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Data

Related Stories

Cloud & Edge Computing

Future challenges and innovations in cloud security platforms

Cloud security helps businesses navigate the challenges of cyber threats and the complexities of regulatory demands

Cloud & Edge Computing

CMA to probe big tech cloud providers for market dominance

The £7.5bn UK cloud market is set for a CMA investigation into the competition practices of AWS and Microsoft, with findings alleging vendor lock-in

Cloud & Edge Computing

Einstein 1 platform announced at Dreamforce

In the opening press conference at Dreamforce 2023, Salesforce announced its new, open Einstein 1 platform, in line with its long-standing metadata strategy

Cloud & Edge Computing

Two-thirds of small businesses plan to cut cloud spending

With cloud costs expected to increase by 10% this year, SMEs plan to cut the amount of data they store in the cloud or slash spending on cloud services