The popularity of cloud applications and software has risen significantly in recent years. But while using cloud services can be beneficial for businesses and employees, it also carries new cybersecurity risks.
Special Feature
The ability to log in from anywhere using cloud applications is convenient for employees, but it’s also a potential new opportunity for cyber criminals, who, with a set of stolen passwords, could gain access to sensitive information. There’s even the prospect of hackers abusing cloud services to launch ransomware attacks and other malware campaigns.
But there are steps that can be taken — and mistakes that must be avoided — to ensure your organisation’s cloud security strategy both delivers a productivity boost and keeps users and the network safe from cyberattacks and incidents.
1. Don’t leave cloud accounts exposed and without security controls
Cloud applications and services allow users to access files and data from anywhere — something that makes them a prime target for cyber criminals. Remembering passwords can be difficult, which is why many users use simple, common or re-used passwords.
While this approach reduces the chances of users being locked out of their accounts, it creates an open goal for hackers – particularly if breaching an email address or another corporate application that’s part of the cloud suite provides intruders with an opportunity to escalate their privileges and gain additional control over systems.
SEE: Cloud computing security: New guidance aims to keep your data safe from cyberattacks and breaches
In many cases, businesses don’t realise that a cloud account has been abused by cyber criminals until it’s too late and data has been stolen or ransomware has hit the network.
It’s vital that any cloud accounts are secured properly, using a complex, unique password and that they are also equipped with multi-factor authentication, so even if the password is breached, leaked or guessed, there’s an additional barrier that helps to prevent the account being taken over and abused.
Organisations should also consider providing staff with password manager software, so users don’t need to remember passwords, leaving them free to create longer, more complex passwords that are less likely to be breached.
2. Don’t give every user the keys to the kingdom
Cloud applications and services are convenient, providing users with a variety of tools they need to be productive, all in one place. But different users have different needs and most users don’t need high-level privileges – particularly when that access could easily be abused by an unauthorized user who has hacked or otherwise taken control of an account with admin rights.
It is, therefore, imperative for IT and information security teams to ensure that administrator privileges are only available for those who really need them – and that any account with administrator privileges is properly secured, so attackers are unable to gain access and abuse high-level accounts — to create additional accounts they could use to secretly go about their business, for example. It’s also important that regular users don’t have the power to escalate their own privileges or create new accounts.
3. Don’t leave cloud applications unmonitored – and know who is using them
Companies use a wide variety of cloud-computing services, but the more applications that are being used, the more difficult it is to keep track of them. And that could provide a gateway for malicious users to enter the network undetected.
It’s vital that IT departments have the necessary tools to keep track of what cloud services are being used – and who has access to them. Enterprise cloud services should only be available to users who are working for the organisation. If someone leaves the company, the access should be removed.
SEE: What is ransomware? Everything you need to know about one of the biggest menaces on the web
It’s also important to ensure that cloud applications aren’t misconfigured in a way that means they’re open to anyone on the internet. This open access could lead to attempts at brute-force attacks, or cyber criminals could attempt to use phished or stolen credentials to access cloud applications.
In the worst-case scenario, a misconfigured cloud application facing the open internet may not require login details at all, meaning anyone can gain access. It’s vital that organisations are aware of how their cloud services interact with the open web and that only those who need these services can access them.
4. Don’t ignore security updates and patches – cloud software needs them, too
One of the most important things you can do to improve the cybersecurity of your network is to apply security updates and patches as soon as possible. Cyber criminals regularly look to exploit known vulnerabilities in applications to breach networks and lay the foundation for cyberattacks.
Cloud software is no different. Vulnerabilities can be uncovered and they will receive security patches, which need to be applied.
IT departments that run large, cloud-based networks might think that security is taken care of by the cloud service or application provider they use, but that’s not always the case – cloud software and applications need patching too, and it’s vital that this work is done promptly to ensure the network is resistant to cyber criminals trying to exploit vulnerabilities.
5. Don’t rely purely on cloud for storing data – keep offline backups in case of emergency
One of the key benefits of cloud software is that, in many cases, it’s available at the touch of a button – users can access data stored in the cloud, from wherever they are and from whatever device they’re using.
But that doesn’t mean that data stored in the cloud is necessarily accessible 100% of the time. Systems can suffer from outages and it’s also potentially possible for cyber criminals to tamper with data.
If the identity controls protecting cloud accounts are breached by cyber criminals, the data could be deleted or held hostage – a common tactic used by ransomware gangs, for example, is to delete backups stored in the cloud.
No matter how strong your cybersecurity controls are, protecting cloud accounts is particularly important. Data should be backed up and stored offline because, if the worst happens, and data in the cloud is lost or inaccessible, there’s the possibility of restoring from backups.
Not only is it important to regularly save backups – so the restore point is as recent as possible, meaning everything is as close to being up-to-date as it can be – those backups should also be tested regularly. After all, there’s no point keeping backups if it turns out that they don’t work when they’re actually needed.