36% of organizations reported that their business suffered a breach in the last year, according to a 2021 Fugue report on the state of cloud security.

 

 

The biggest threat to cloud computing is poor identity, access, and credential management. While this has always been a threat to security, workplace changes brought on by the COVID-19 pandemic have made it more apparent. Remote and hybrid work environments have become the new norm, and the threat is not going away soon: according to Deloitte, over half of all companies that implemented remote work in 2020 stated they plan to preserve this practice.

 

The remote work environment has forced organizations to shift to cloud-based SaaS applications that let employees access necessary data from home more easily and remove barriers of geographical location. Although cloud computing has made this transition smoother and has many added benefits in the remote work environment, it also opens new avenues of access for cyber threat actors. Necessary operational data is now split across different SaaS applications, challenging security teams to keep up while sifting through their organization’s data to identify suspicious activity.

 

Additionally, with cloud computing, access to sensitive data requires only a username and password, which is easy for employees and attractive to cybercriminals looking for easy targets. If hackers obtain the username and password, then to the software they are regular users, meaning security teams may not detect suspicious activity immediately. While the organization is left unaware, the hacker will already have gained access to valuable assets they could now hold for ransom. Business leaders must recognize the new security challenges brought on by this transition to cloud computing, allot the necessary budget and resources, and implement security practices to address them.

 

Practices to consider implementing:

  • Access control
  • Abnormal behaviors 
  • Zero-Trust model
  • Multi-Factor Authentication (MFA)

 

Access Control

Access control refers to the security technique that regulates who can view sensitive documents and information within an organization. Access controls are implemented using access management systems. Usually, access levels range from low to high and are generally determined by one of five types of access control: mandatory (MAC), discretionary (DAC), role-based (RBAC), rule-based, and attribute-based access control.

 

Abnormal Behaviors 

Abnormal Behaviors security teams need to track:

  • Abnormal logging frequency behavior
  • Accounts with multiple concurrent sessions
  • An abnormal number of downloads by users
  • Abnormal logging behavior from different locations
  • Abnormal usage of critical systems
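
The five behaviors listed above can be expressed as simple rules over a log of login and activity events. The following Python code is an added example, not part of the original article; the event format, thresholds, user names and the payroll-db system are assumptions constructed for illustration.

```python
from collections import defaultdict

# All thresholds and names below are assumptions; tune them to your baseline.
MAX_LOGINS, WINDOW_MIN = 3, 10   # logins tolerated per user per 10 minutes
TRAVEL_MIN = 60                  # two countries within an hour is suspicious
MAX_DOWNLOADS = 5                # downloads tolerated per user
CRITICAL = {"payroll-db"}        # hypothetical critical system
CRITICAL_USERS = {"carol"}       # users expected to use it

# Constructed sample events: (minute, user, action, detail)
EVENTS = (
    [(2 * i, "alice", "login", "US") for i in range(4)]
    + [(2 * i + 1, "alice", "logout", "") for i in range(4)]
    + [(5, "bob", "login", "US"), (10, "bob", "logout", ""),
       (20, "bob", "login", "BR"),
       (50, "frank", "login", "US"), (70, "frank", "login", "US"),
       (30, "carol", "access", "payroll-db"),
       (31, "dave", "access", "payroll-db")]
    + [(40 + i, "erin", "download", f"file{i}") for i in range(6)]
)

def detect(events):
    """Return {user: set of alert names} for the five behaviors above."""
    alerts = defaultdict(set)
    logins = defaultdict(list)        # user -> [(minute, country)]
    open_sessions = defaultdict(int)  # user -> sessions not yet logged out
    downloads = defaultdict(int)      # user -> download count
    for minute, user, action, detail in sorted(events):
        if action == "login":
            past = logins[user]
            if sum(minute - m <= WINDOW_MIN for m, _ in past) + 1 > MAX_LOGINS:
                alerts[user].add("login_frequency")
            if any(c != detail and minute - m <= TRAVEL_MIN for m, c in past):
                alerts[user].add("login_location")
            past.append((minute, detail))
            open_sessions[user] += 1
            if open_sessions[user] > 1:
                alerts[user].add("concurrent_sessions")
        elif action == "logout":
            open_sessions[user] = max(0, open_sessions[user] - 1)
        elif action == "download":
            downloads[user] += 1
            if downloads[user] > MAX_DOWNLOADS:
                alerts[user].add("download_volume")
        elif action == "access" and detail in CRITICAL and user not in CRITICAL_USERS:
            alerts[user].add("critical_system")
    return dict(alerts)

if __name__ == "__main__":
    print(detect(EVENTS))
```

Fixed thresholds like these produce false positives on legitimate bursts of activity, so in practice each limit is usually derived from the user's or team's own historical baseline.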

 

Zero-Trust Model

The Zero-Trust Model, in other words “never trust, always verify”, is a strategic cybersecurity approach that helps secure an organization by eliminating implicit trust. Implementing the Zero-Trust Model successfully within an existing cloud infrastructure requires an organization to follow the 5 Step Methodology. The five steps include:

 

  • Identifying all of the organization’s applications
  • Mapping how applications work
  • Creating boundaries between users and applications
  • Developing access controls
  • Monitoring to maintain the zero-trust environment

 

MFA

Multi-factor Authentication (MFA) is an authentication method in which a user is asked to provide two or more credentials to verify their identity before gaining access to an application, online account, or VPN. Examples of such credentials include:

 

  • Password or pin
  • Smartphone or badge
  • Fingerprint or voice recognition

 

As our world and workplace change, we must take on the security challenges brought on by these changes. Combating the security threats brought on by increased cloud computing starts with recognizing the possibility of threats, continues with implementing security measures, and ends with continual monitoring.