Check Point and Cybersecurity Insiders have released their global 2020 Cloud Security Report, wherein the emphasis was placed on the cloud security challenges that business security systems face in the protection of data and workloads in their public cloud systems.
According to the report, 75% of respondents revealed that they were ‘highly concerned’ about public cloud security as it continues to remain a big challenge for them.
( Also Read: What is Cloud Security? )
Challenges in Cloud Security
-
Data Infiltration/Breaches
One of the current cloud computing security issues and challenges affecting cloud security in 2020 is the problem of data breaches. The data breach has several consequences, some of which includes:
- Incident forensics and response leading to financial expenses
- Legal and contractual consequences
- Negative effects on the brand which can result in the reduction of business market value due to all the listed reasons
- The monetary loss that may be caused by regulatory implications
- Losing intellectual property (IP) to competitors, which may affect the release of products.
- It can affect brand reputation and costumers’ or partners’ trust in the business.
-
Incorrect Configuration and Inappropriate Change Control
This is another of the most widespread cloud security challenges facing cloud technology in 2020. For example, a misconfigured AWS Simple Storage Service (S3) cloud storage bucket leaked accurate and sensitive data of about 123 million American families in 2017.
The dataset was owned by Experian, a credit bureau that engaged in the selling of the data to an online marketing and data analytics organization called Alteryx. The file was exposed by Alteryx. Such an incidence can have lethal consequences.
-
Unavailability of Cloud Security Structure and Tactics
All over the world, several businesses are moving parts of their IT infrastructure to public clouds. A major issue with this migration is the incorporation of adequate security structures to tackle cyber threats.
The challenge however is that most businesses still find it almost impossible to implement this process. Datasets are vulnerable to several attacks when businesses make the assumption that cloud transition is a “simple-to-execute” task of just migrating their present IT system and security architecture to a cloud environment. Another contributing factor is also a lack of understanding of the shared security role model.
-
Inadequate Access, Credential, Identity, and Key Management
With cloud computing comes several changes to typical internal system management practices associated with identity and access management (IAM). Although these aren’t really new cloud security challenges, they are however more important challenges when working on a cloud-based environment.
This is because cloud computing has great effects on identity, credential, and access management. In both private and public cloud environments, there is a need for CSPs and cloud users to manage IAM without impairing security.
-
Hijacking Account
The hijacking of accounts is an issue characterized by the access to and abuse of accounts that contain extremely sensitive or private details, by malicious attackers. Usually, the accounts with the most threats in cloud environments are subscriptions or cloud service accounts.
These accounts are prone to compromise as a result of stolen credentials, exploiting cloud-based systems, and phishing attacks.
-
Internal Breaches
According to the 2018 Netwrix Cloud Security Report, 58% of organizations indicate insiders as the cause of security breaches. Thus, most security incidents are caused by insider negligence.
The report from the Ponemon Institute’s 2018 Cost of Insider Threats study indicated that 13% of the reported insider incidents were caused by credential theft, 23% were associated with criminal insiders, and a whopping 64% was as a result of employee or contractor negligence.
Some of the cited common scenarios are: employees or other internal staff being victims of phishing emails that resulted in malicious attacks on business assets, employees saving private company data on their own poorly secure personal systems or devices, and cloud servers that have been configured inappropriately.
-
Interfaces and APIs with Poor Security
In order to enable consumers to manage and utilize cloud systems, cloud computing providers release a set of software user interfaces (UIs) and APIs. These APIs are the ones that determine how secure and available the overall cloud servers services will be.
From access management and authentication to activity control and encryption, it is necessary that these interfaces are designed for protection against both malicious and accidental attempts to infiltrate the security policy. The implications of insecure APIs can be the abuse or – even worse – the breach of a dataset.
A number of major data breaches have been caused by hacked, exposed, or broken APIs. In essence, it becomes imperative for companies to have an understanding of the security features that characterize the design and presentation of these interfaces on the internet.
-
Inefficient Control Plane
The transition from the data platform to the cloud environment creates certain issues for the creation of adequate data storage and protection protocol. It is now important for the user to create fresh processes for duplicating, migrating, and storing data.
This process becomes even more complex if the user would be employing Multi-cloud. These problems should be solved by a control plane. This is because it provides the integrity and security that would complement the data plane which brings about stability and runtime of the data.
An inefficient control plane indicates that whoever is in charge – either a DevOps engineer or a system architect – does not have complete control over the verification, security, and logic of the data infrastructure.
In this kind of situation, major stakeholders are unaware of how data flows, the security configuration, and the positions/areas of structural weak points and blind spots. As a result of these challenges in cloud security, the company could experience data leakage, unavailability, or corruption.
-
Applistructure and Metastructure Errors
Every now and then, cloud service providers reveal processes and security protocols that are needed in order to successfully integrate and safeguard their systems. In most cases, this information is disclosed via API calls and the protections are integrated into the CSP’s metastructure.
The metastructure is regarded as the customer line/CSP of demarcation, also called the waterline. In this model, several levels are characterized by error possibilities. For instance, inappropriate API integration by the CSP makes it easier for attackers to hinder cloud customers through the interruption of integrity, confidentiality, of service availability.
-
Restricted Visibility of Cloud Usage
Restricted cloud usage visibility is the outcome of the inability of a company to visualize and analyze the safety or maliciousness of the cloud service used within the organization. There are two major cloud security challenges in this concept.
The first is un-sanctioned app use. This happens when employees are making use of cloud tools and applications without the specific authorization of corporate IT and security. This, therefore, leads to a self-assistance model known as Shadow IT.
It is risky when insecure cloud services activity is not in accordance with corporate guidelines, especially when integrated with sensitive corporate data. According to forecasts made by Gartner, by 2020, ⅓ of all successful security infiltration in businesses will be driven by shadow IT systems and resources.
Secondly, is sanctioned application misuse. It is usually difficult for companies to carry out analysis on how approved apps are being taken advantage of by insiders who make use of the sanctioned app.
Most often, this utilization takes place without the specific permission of the organization, or by external threat agents that target the service though methods like Domain Name System (DNS) attacks, Structured Query Language (SQL) injection, credential theft, and others.
-
Misuse and Criminal Use of Cloud Services
Malicious attackers may take advantage of cloud computing resources to target cloud providers, as well as other users or organizations. It is also possible for malicious actors to host malware on cloud services.
Malware that is hosted on cloud service may appear to have higher legitimacy because the malware utilizes the domain of the CSP. In addition, cloud-based malware can utilize cloud-sharing resources like an attack vector to propagate itself the more.
-
The Growth of Hybrid Cloud is Surpassing the Ability to Maintain It
According to a survey, about 60% of respondents ascertain or strongly ascertain that the launching of business services in the cloud has skyrocketed beyond their ability to effectively maintain them in a timely manner. This figure remains the same since it was reported. This means that there has been no progress in that aspect. With the increasing rate of public cloud adoption, it is safe to conclude that the ground has been lost.
-
Denial of Service (DOS) Attacks
The primary objective of DoS attacks is to disable a system, network, or machine so that it becomes inaccessible to its intended users. The development and growth of cryptocurrencies like Ripple and Bitcoin make it easy for DoS attacks to occur the more.
By using cryptocurrency, it is no longer a must for cybercriminals to acquire the needed skills or possess control over a botnet. All they need to do is hire another hacker via these funding options to execute the work on their behalf.
-
Vendor Lock
In terms of security features, “Vendor Lock” is identified as a risk factor. It is highly restrictive to be limited to just one compatible security solution choice for a cloud service. The impact of this can be a low ROI for security.
This is because the locked-in vendor does not need to be in competition with other vendors. They are with your company since you’re their only choice if you desire a functional service without starting all over from the scratch.
Thus, it is necessary that you ascertain how effective it would be to move from a particular service provider to another when choosing cloud-based services. It is pertinent that you consider certain factors before choosing a cloud computing service in order to avoid vendor lock-in (for either your cloud service itself or your security solutions). Consider these factors:
- Does the cloud service offer a variety of several interfaces/integrations for various services and security features?
- Does the cloud service provider offer exporting tools to assist in migration to another system?
- Lastly, has your data been stored in an easy-to-export format to a new system?
-
Alerts and Notifications
Awareness and adequate communication of security risks is an important aspect of network security, as well as cloud security. A thorough security solution must be able to alert the respective website or app managers immediately it perceives a security threat.
Without clear and prompt communication, the appropriate entities will not be able to quickly mitigate the threat and take proper steps that will minimize the threat.
Final Thoughts
In all, although all of the issues discussed above pose a threat to cloud security, they are however not insurmountable. With the proper approach, technology, and partners, businesses can overcome the cloud security challenges and begin to enjoy the abundant benefits of cloud technology.