Chances are you’re migrating at least some portion of your IT infrastructure to the cloud. You may be surprised to learn, however, that many of the tools and techniques used in the past to secure your servers, mobile devices, and workstations may not be as effective when those systems are in the cloud.
The Four Most Common Cloud Threats
Cloud computing can lower costs and facilitate productivity; however, it can also expose companies to new vulnerabilities and security challenges. The dynamics and scalability of cloud systems also make security monitoring more challenging than with in-house IT infrastructures. If you rely on cloud-based systems, here are four threats to watch for:
- Users employing “shadow IT,” such as personal mobile devices or Google Drive, Dropbox, and similar sites, to store or transfer company data.
- Looking for simple anomalies rather than multidimensional threats.
- Focusing on a single source of threats.
- Overwhelming your IT resources with security events.
Your company doesn’t have to be vulnerable just because it has decided to benefit from doing business in the cloud. Here are four ways to protect against the most common cloud threats.
1. Monitor for Shadow and Sanctioned Apps
Historically, corporate IT had control of the network and resources connected to it. Today’s Bring Your Own Device (BYOD) and telecommuting work styles make security monitoring considerably more difficult, with the cloud adding to the confusion. To get a handle on all these devices and services, you need a baseline. When you know what “normal” looks like, it’s easier to scan for anomalies—instant messages, web sites visited, executable files, and the like—that are out of the ordinary. Similarly, you need to know whether unsanctioned services or devices—“shadow IT”—are connecting to your systems so that you can detect departures from the norm.
2. Focus on Multidimensional Threats
Every day in your company, a user logs in from an unfamiliar IP address or changes settings in an app. On its own, such an event may not seem terribly important, but when you look at these events in the broader context of your business network and cloud-based systems, a more sinister threat landscape can emerge. As a recent Cloud Security Alliance blog states, “Focus first on threats that combine multiple indicators and anomalies together, providing strong evidence that an incident is in progress.”
3. Correlate Cloud Usage with Other Data Sources
To better identify cloud threats within your resources and infrastructure, you have to look beyond a single data source. For example, is an employee logging in from a proxy? By using big data analytics to study cloud traffic, your organization can separate ordinary data sources from those that appear suspicious and proactively identify potential threats.
4. Whitelist Known Users and Events
The average IT person could spend all of his or her time responding to security events. Fortunately, IT can make life easier by creating and maintaining an accurate list of devices, software, and low-risk events generated by trusted users. Such “whitelists” help ensure that only significant threats raise flags in IT.
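The sketch below is an added example, not code from the original article. It combines steps 2 through 4: events from several data sources are correlated per user, whitelisted low-risk events are dropped, and an alert is raised only when multiple indicators from multiple sources fall inside one time window. The source names, indicator names, users, thresholds, and sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=1)  # assumed correlation window
MIN_INDICATORS = 2           # distinct indicator types required (assumed)
MIN_SOURCES = 2              # distinct data sources required (assumed)

# Whitelist of low-risk (user, indicator) pairs; constructed for this example.
ALLOWLIST = {("bob", "login_via_proxy"), ("svc-backup", "app_settings_changed")}

# Constructed sample events (timestamp, source, user, indicator); not real logs.
EVENTS = [
    ("2024-05-01T09:02:00", "idp", "alice", "login_unfamiliar_ip"),
    ("2024-05-01T09:10:00", "proxy", "alice", "login_via_proxy"),
    ("2024-05-01T09:25:00", "app_audit", "alice", "app_settings_changed"),
    ("2024-05-01T10:00:00", "proxy", "bob", "login_via_proxy"),
    ("2024-05-01T10:05:00", "app_audit", "bob", "app_settings_changed"),
    ("2024-05-01T08:00:00", "idp", "carol", "login_unfamiliar_ip"),
    ("2024-05-01T13:30:00", "app_audit", "carol", "app_settings_changed"),
    ("2024-05-01T11:00:00", "app_audit", "svc-backup", "app_settings_changed"),
]

def correlate(events, allowlist=ALLOWLIST, window=WINDOW):
    """Return one alert per user whose non-whitelisted events combine
    several indicators from several sources inside one time window."""
    per_user = defaultdict(list)
    for ts, source, user, indicator in events:
        if (user, indicator) in allowlist:
            continue  # known low-risk event: never contributes to an alert
        per_user[user].append((datetime.fromisoformat(ts), source, indicator))

    alerts = []
    for user, items in sorted(per_user.items()):
        items.sort()
        for i, (start, _, _) in enumerate(items):
            in_window = [e for e in items[i:] if e[0] - start <= window]
            indicators = {e[2] for e in in_window}
            sources = {e[1] for e in in_window}
            if len(indicators) >= MIN_INDICATORS and len(sources) >= MIN_SOURCES:
                alerts.append({"user": user, "start": start.isoformat(),
                               "indicators": sorted(indicators),
                               "sources": sorted(sources)})
                break  # one alert per user is enough for triage
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

With the sample data, only alice is flagged: bob's proxy login is whitelisted, carol's two events are hours apart, and the service account's change is a known low-risk event.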
All Phases IT has a team of IT security experts who can help your organization detect and prevent cloud threats when it matters most—before they occur. Contact us today for a complimentary consultation and evaluation of your cloud environment. We’re here to help!