Cloud Vulnerability

October 8, 2020

Between Google Drive, iCloud, and OneNote, the average person uses cloud-based storage every day, often without thinking about it, as cell phones, laptops, and tablets automatically back up images, documents, and personal and work data. It’s important for everyone to consider the potential vulnerabilities inherent to storing data in the cloud to ensure that their data remains secure, whether using the cloud for work or personal use.

Steve Kosten, in Towards Data Science, reported seven cloud computing security vulnerabilities and what can be done to combat those vulnerabilities. The strategies for ensuring cloud security focus on being proactive and taking every step possible to prevent security breaches.

As reported in the article, one of the easiest ways to improve cloud security is by ensuring the cloud storage is configured properly. “According to a report by Symantec, nearly 70 million records were stolen or leaked in 2018 due to misconfigured cloud storage buckets,” says Kosten. “The report also highlighted the emergence of various tools that allow attackers to detect misconfigured cloud storage to target.”

Kosten states that some of the misconfigurations to cloud storage include AWS security group misconfiguration and lack of access restrictions. These both lead to hackers being able to accessing and downloading data. This is why it’s important to ensure that the cloud configuration is set up appropriately from the start.

“While this may seem obvious, it can easily get overlooked by other activities such as moving data into the cloud without paying attention to its safety,” says Kosten.

Another concern listed relates to the end-user and ensuring cybersecurity staff are aware of how employees are using the cloud. It’s important to ensure that along with education on email phishing and malware, education should be provided on cloud vulnerabilities.

Kosten says, “Dealing with loss of control over end-user actions requires surveillance, monitoring, escalation, post-incidence analysis, remediation, investigation, and incident response, all of which should be integrated into the company’s data security plan.”

Going hand-in-hand with employee education is monitoring access management. Only those users that absolutely need access to a specific cloud infrastructure should be granted access. It’s also important that access is periodically reviewed to ensure inactive accounts are removed, administrator roles are assigned appropriately, and users are accessing the cloud in a secure environment.

Kosten emphasizes that a data governance framework is necessary to ensure user accounts and their related areas of access are frequently monitored.

Other vulnerabilities highlighted included insecure APIs, loss or theft of intellectual property, compliance violations and regulatory actions, and contractual breaches with customers or business partners. Read the full article to view all of the suggestions for securing data in the cloud.

Want to learn about cybersecurity? Capitol Tech offers bachelor’s, master’s and doctorate degrees in cyber and information security. Many courses are available both on campus and online. To learn more about Capitol Tech’s degree programs, contact admissions@captechu.edu.