Prioritising Speed Over Safety During Cloud Migration Exposes Organisations To Cyber Threats
By Alex Tilley, Head of Threat Intelligence, Asia Pacific and Japan for Secureworks®
While there are many reasons organisations are attracted to cloud systems, impatience and promised cost savings can lead some businesses to fail to consider all the risks associated with such environments, and those risks can have very real security consequences. A fast implementation is manageable when the risk is low. But what does it mean for a landscape that holds crucial business data?
There are plenty of business performance aspects within cloud infrastructure that, when done properly, make for successful bottom-line improvements. However, the unavoidable reality for organisations today is that in using such platforms they’re storing their sensitive data, often including personally identifiable information (PII) of their customers and staff members, in third-party systems with (often) new and ill-considered or misunderstood risks.
Moving operations and storage to the cloud without proper planning, including initial and long-term security and monitoring strategies, is common. Businesses are tempted to overlook appropriate and thorough protection methods as the promises of convenience and cost savings take primary focus. This focus often leads to a complete lack of attention to the security risks and their often easy-to-implement controls.
Increases in large, all-encompassing data storage have attracted cybercriminals
As businesses move to cloud-based services and software-as-a-service (SaaS) platforms, more valuable data is stored, accessed and transferred within these systems. They become “juicy targets” for criminals looking for a centralised system from which they can steal many different types of valuable data. In short, fewer systems to attack means a bigger “bang for their buck” for the attackers. Historically, attackers targeted cloud products as a by-product of an initial on-premises intrusion where they sought to access valuable information from many disparate systems that were often protected by unique security and access controls. This began to change when businesses started using third-party systems to manage their finances and run operations such as payroll, human resources (HR) systems and customer data/marketing through SaaS software.
It is important to note that cloud-based and SaaS services offer tremendous benefits and are clearly “the future” for many aspects of business operations. The issue is that often these systems are not properly secured or monitored. The lack of security introduces major risks to businesses and individuals, as “everything is worth something to someone” in the criminal world.
Understanding risks within cloud computing
Learning and adapting to anything always comes with challenges. When organisations look to migrate any or all aspects of their business operations to the cloud, many don’t have the depth of knowledge of these systems to apply necessary protection methods. It’s important to find mistakes and plug any holes, potentially with new solutions or emerging best practices.
What should organisations consider before cloud migration?
There are a few aspects that organisations looking to move to the cloud need to consider:
· Up-to-date and fit-for-purpose logging settings (fields and retention time)
· The proper use of multi-factor authentication (not relying on only username/password)
· System access segmentation
· Proper network access controls
· User login and behaviour logging
When it comes to cloud migration, the phrase "go slow to go fast" is true. Thorough thought and robust planning are crucial to ensure the available security controls are fit for purpose. Given the sheer volume of data being protected, cloud security should exceed the general default settings for access control where possible, paying attention to robustness of logging (which is typically only set up for administration and not forensic examination).
Organisations that maintain strong logging practices, and so give their security team ample information to work with, will be in a much better position to investigate any potential breach. Proper configuration of access control and data storage security will help to limit the amount of damage a breach could cause.
Deploying proper security is an imperative first step, but the fast-growing cloud landscape requires these systems to evolve too. Organisations should establish policies and procedures to evaluate and update their security posture to align with current cloud security recommendations. Security is a never-ending challenge, but businesses can stay ahead of cybercriminals by applying strong cloud security and learning from others’ mistakes.