Cloud Security

Cloud computing allows access to computer system resources, from any location, via the internet. Companies no longer need to invest in costly on-premises servers that need to be maintained, but can instead outsource this maintenance to a cloud service provider. While cloud computing provides many benefits, securing a cloud environment can be challenging due to the expanded attack surface.

Getting Started in the Cloud

Types of Cloud Infrastructure

For organizations just beginning to explore the cloud, selecting the cloud infrastructure that is right for your business can be overwhelming. There are pros and cons to each model. Which you choose will depend on your business’s resources, as well as the level of control you would like to have over your data.

  • Private Cloud: A private cloud is used solely by one entity. This is often more expensive, but provides greater control over security and room for customization. 
  • Public Cloud: A public cloud is managed by a cloud service provider (CSP) and space is shared amongst a number of tenants. This is less expensive but gives up some control of your data to the cloud service provider. 
  • Hybrid Cloud: Hybrid clouds allow use of both public and private clouds, which provides a cost-effective way to scale up with demand. 
  • Multicloud: A multicloud environment consists of cloud services from multiple cloud service providers. This can be difficult to manage, but allows you to use the best features from various vendors. 

Types of Cloud Service Models

Cloud service providers (CSP), such as AWS, Microsoft Azure, or Google, allow companies to take advantage of the benefits of cloud computing without the strain of managing the required infrastructure. The level of responsibility that you as the consumer of these services retain versus the responsibility taken on by the CSP is determined by the cloud security service model. 

  • Infrastructure-as-a-Service: The CSP is responsible solely for the cloud itself, meaning the servers, network, virtualization, and data storage. You maintain responsibility for your operating system, applications, and the security of the data that you’re storing in the cloud. 
  • Platform-as-a-Service (PaaS): This model includes the infrastructure as well as an application-software platform on which to run your apps.
  • Software-as-Service: A SaaS application is any application that is accessed over the internet, such as Salesforce or email clients like Microsoft 365. 

Cloud Implementation Resources:

 

Cloud Security Planning Guide

Learn best practices for managing a secure cloud environment.
Get the Guide

Securing a Hybrid Cloud Environment

A hybrid cloud is common because it provides the best of both public and private clouds, but multiple environments means an expanded attack surface and lack of visibility that can make it difficult to defend.

Developing a Hybrid Cloud Strategy

Cloud costs can quickly get out of hand, so it is important to go into this transition with clear goals in mind. Conduct an audit of your digital assests to determine which workloads should be moved to the cloud and which would be better suited to stay on premises. Some workloads may be able to simply be rehosted in the cloud, while others must be replatformed or rearchitected to make better use of cloud resources. 

Challenges and Benefits of a Hybrid Cloud

A hybrid cloud allows organizations to maintain on premises servers or private clouds for sensitive data or legacy workloads, while taking advantage of cost-efficient public clouds for rapid application development and data storage. They facilitate remote work and wider accessibility of your services to customers around the world. Hybrid clouds may also be used for backing up data as part of your ransomware resilience strategy. 

However, with some of your data residing in the cloud and some residing inside your private network, it can be difficult operationalize data streams coming from different data feeds and vendors, in different formats. To effectively secure a hybrid cloud, you need to invest in the staff and tools needed to manage it. 

Cloud Security Planning Guide

Learn best practices for managing a secure cloud environment.
Get the Guide

Recovery Strategies: 

 

Cloud Vulnerability Management

Vulnerability management is the process of identifying, investigating, correcting, and reporting on security threats in our systems and software. As organizations transition away from strictly on-premises environments in favor of public and hybrid clouds, security professionals have been forced to reevaluate traditional vulnerability management practices that are no longer sufficient in the fast-paced cloud environment.

Identity & Access Management

With the rise of remote work and adoption of cloud-based work environments, identity can no longer be assumed based on location or device but must be verified by other authentication factors. IAM in the cloud relies on policies such as least privilege and zero trust to routinely verify that users have access to only what is needed. 

Zero Trust

A zero-trust approach to security, as the name implies, means that no user or application is inherently trusted. All access must be verified before permission is granted. A zero-trust approach relies on the principle of least privilege and microsegmentation of resources to limit access to just what is needed for the work being done. Behavior is monitored during the session as well, and access may be revoked if suspicious behavior is identified. Zero trust becomes particularly important in the cloud where there is no physical perimeter to define in-network traffic as inherently safe. 

Detecting Vulnerabilities

Vulnerability scans, in conjunction with penetration testing, can help identify vulnerabilities. It’s important to keep in mind vulnerabilities that are specific to the cloud environment such as scanning containers and identifying misconfigurations. 

Vulnerability Management Resources:

 

Cloud Compliance

Just like data stored on premises, data in the cloud is subject to data privacy and consumer protection laws. To be in compliance with these regulations, you need to maintain correct configurations and implement policies that enable visibility across your environment.

Data Protection

Hybrid clouds introduce a unique set of data protection challenges. Because data is moving on the open internet, encryption is more important than ever, both for preventing a data leak, and ensuring you’re in compliance with laws like GDPR. Another requirement of these laws is being able to delete data upon request, which can be difficult without proper visibility across the entirety of your hybrid cloud environment. 

Misconfigurations

One of the biggest sources of cloud vulnerability is misconfigurations. Cloud Security Posture Management tools are designed to help automatically detect and remediate misconfigurations and check compliance with applicable regulations. 

Cloud Frameworks

A cloud security framework provides guidelines for security in the cloud. These frameworks offer a roadmap for organizations shifting from a traditional on-premises approach, to a cloud-focused approach, by providing policies, tools, configurations, and rules needed for secure cloud use. policies, tools, configurations and rules needed for secure cloud use. 

Cloud Compliance Resources

 

Cloud Security Planning Guide

Learn best practices for managing a secure cloud environment.
Get the Guide

Read the Latest Blog Posts

Subscribe to the blog

Join RH-ISAC today!

Complete an application form if you are interested in becoming a member of RH-ISAC.

Become a member