Cloud computing services have become a vital tool for most businesses. This trend has accelerated in recent years, with cloud-based services such as Zoom, Microsoft 365 and Google Workspace and many others becoming the collaboration and productivity tools of choice for teams working remotely. While cloud quickly became an essential tool, allowing businesses and employees to continue operating remotely from home, embracing the cloud can also bring additional cybersecurity risks.
Most people connecting to the corporate network would be doing so from their place of work, and thus accessing their accounts, files and company servers from inside the four walls of the office building, protected by enterprise-grade firewalls and other security tools. The expanded use of cloud applications meant that suddenly this wasn’t the case, with users able to access corporate applications, documents and services from anywhere. This has brought the need for new security tools.
Cloud Computing Security Threats
While it brings a number of positives for workers, remote working also presents an opportunity for cyber criminals , who have quickly taken advantage of the shift to attempt to break into the networks of organizations that have poorly configured cloud security.
Corporate VPNs and cloud-based application suites have become prime targets for hackers. If not properly secured, all of these can provide cyber criminals with a simple means of accessing corporate networks. All attackers need to do is get hold of a username and password, by stealing them via a phishing email or using brute force attacks to breach simple passwords, and they’re in.
Since the intruder is using the legitimate login credentials of someone who is already working remotely, it’s harder to detect unauthorized access, especially considering how the rise of hybrid working has resulted in some people working different hours to what might be considered core business hours.
Attacks against cloud applications can be extremely damaging for victims as cyber criminals could be on the network for weeks or months. Sometimes they steal large amounts of sensitive corporate information; sometimes they might use cloud services as an initial entry point to lay the foundations for a ransomware attack that can lead to them both stealing data and deploying ransomware.
That’s why it’s important for businesses using cloud applications to have the correct tools and practices in place to make sure that users can safely use cloud services, no matter where they’re working from, while also being able to use them efficiently.
Use Multi-Factor Authentication Controls
One obvious preventative step is to put strong security controls around how users log in to the cloud services in the first place. Whether that’s a virtual private network (VPN), remote desktop protocol (RDP) service or an office application suite, staff should need more than their username and password to use the services.
Whether it’s software-based, requiring a user to tap an alert on their smartphone, or hardware-based, requiring the user to use a secure USB key on their computer, multi-factor authentication (MFA) provides an effective line of defense against unauthorized attempts at accessing accounts. According to Microsoft, MFA protects against 99.9% of fraudulent sign-in attempts.
Not only does it block unauthorized users from automatically gaining entry to accounts, the notification sent out by the service asks the user if they attempted to log in. This acts as an alert that someone is trying to gain access to the account and can be used to warn the company that they could be the target of malicious hackers.
The ability to easily store or transfer data is one of the key benefits of using cloud applications, but for organizations that want to ensure the security of their data, its processes shouldn’t involve simply uploading data to the cloud and forgetting about it. There’s an extra step that businesses can take to protect any data uploaded to cloud services, encryption.
Just as when it’s stored on regular PCs and servers, encrypting the data renders it unreadable, concealing it to unauthorized or malicious users. Our cloud providers automatically provide this service, employing end-to-end protection of data to and from the cloud,, as well as inside it, preventing it from being manipulated or stolen.
Apply Security Patches ASAP
Cloud applications can receive software updates as vendors develop and apply fixes to make their products work better. These updates also contain patches for security vulnerabilities, just because the application is hosted by a cloud provider, it doesn’t make it invulnerable to security vulnerabilities and cyberattacks.
Critical security patches for VPN and RDP applications have been released by vendors in order to fix security vulnerabilities that put organizations at risk of cyberattacks. If these aren’t applied quickly enough, there’s the potential for cyber criminals to abuse these services as an entry point to the network that can be exploited for further cyberattacks.
Cybersecurity agencies like the Cybersecurity and Infrastructure Security Agency (CISA) and UK National Cyber Security Centre often issue alerts about cyber attackers exploiting vulnerabilities. If the vulnerability hasn’t already been patched, then organizations should react to the alerts immediately and apply the updates.
Use Tools To Know What’s On Your Network
Companies are using more and more cloud services and keeping track of every cloud app or cloud server ever spun up is hard work. There are tons of instances where corporate data is left exposed by poor use of cloud security. A cloud service can be left open and exposed without an organization even knowing about it. Exposed public cloud storage resources can be discovered by attackers and that can put the whole organization at risk.
In these circumstances, it could be useful to employ cloud security posture management (CSPM) tools. These can help organizations identify and remediate potential security issues around misconfiguration and compliance in the cloud, providing a means of reducing the attack surface available to hackers to examine, and helping to keep the cloud infrastructure secure against potential attacks and data breaches.
Cloud security posture management is a technology that evaluates configuration drift in a changing environment and will alert you if things are somehow out of sync with what your baseline is and that may indicate that there’s something in the system that means more can be exploited for compromise purposes.
CSPM is an automated procedure, and the use of automated management tools can help security teams stay on top of alerts and developments. Cloud infrastructure can be vast and having to manually comb through the services to find errors and abnormalities would be too much for a human, especially if there are dozens of different cloud services on the network. Automating those processes can, therefore, help keep the cloud environment secure.
Ensure Separation: Administrator/ User Accounts
Cloud services can be complex, but when using our cloud computing services, our IT team will have highly privileged access to the service to help manage the cloud. A compromise of a high-level administrator account could give an attacker extensive control over the network and the ability to perform any action the administrator privileges allow, which could be extremely damaging for the company using cloud services.
Therefore, it’s imperative that administrator accounts are secured with tools such as multi-factor authentication and that admin-level privileges are only provided to employees who need them to do their jobs. According to the NCSC, admin-level devices should not be able to directly browse the web or read emails, as these could put the account at risk of being compromised.
It’s also important to ensure that regular users who don’t need administrative privileges don’t have them, because in the event of account compromise, an attacker could quickly exploit this access to gain control of cloud services.
Use Backups For Contingency Plans
While cloud services can and have provided organizations around the world with benefits, it’s important not to rely on cloud for security entirely. While tools like two-factor authentication and automated alerts can help secure networks, no network is impossible to breach, and that’s especially true if extra security measures haven’t been applied.
That’s why a good cloud security strategy, such as ours at bva, should involve storing backups of data as well as storing it offline. Therefore, in the case of an event that makes cloud services unavailable, there’s always something there for the company to work with.
Use Simple Cloud Applications For Employees To Use
Organizations can also ensure the security of cloud by providing their employees with the correct tools from the start. Cloud application suites can make collaboration easier for everyone, but they also need to be accessible and intuitive to use, otherwise organizations run the risk of employees not wanting to use them.
A business could set up the most secure enterprise cloud suite possible, but if it’s too difficult to use, employees, frustrated with not being able to do their jobs, could turn to public cloud tools instead.
This issue could lead to corporate data being stored in personal accounts, creating a greater risk of theft, especially if a user doesn’t have two-factor authentication or other controls in place to protect their personal account.
Information being stolen from a personal account could potentially lead to an extensive data breach or wider compromise of the organization as a whole.
Therefore, for a business to ensure it has a secure cloud security strategy, not only should it be using tools like multi-factor authentication, encryption and offline backups to protect data as much as possible. The business must also make sure that all these tools are simple to use to encourage employees to use them correctly and follow best practices for cloud security, and here at bva we can do exactly that for you!