A new study from CloudPassage, the LinkedIn Cloud Security Spotlight Report, has found that in order to secure the cloud, information security professionals are moving away from perimeter-based security models.
ComputerWeekly.com reports that the increasing frequency and success of attacks that bypass the network perimeter, as well as the fact that more corporate data resides outside of the perimeter underscores the need for additional layers of defense.
The most effective security controls for protecting data in the cloud include encryption of data at rest and in motion (65 and 75 percent), access control (48 percent), intrusion detection and prevention (48 percent) and security training and awareness (45 percent).
However, it may be wise to prioritize access control over encryption. Why? If an attacker can bypass your authentication by stealing passwords, brute-force, or any other method of attack, they can pose as a legitimate user in your systems, and decrypt your data.
There were many criticisms of Anthem’s lack of encryption after their data breach, but encryption of health data can’t stop a user that has authorized access controls and the permissions needed to steal plaintext data. Read more about other suggested security tools in Smarter Security: Logs & Context-Aware Access Controls.
The study also revealed that the biggest cloud security concerns include unauthorized access (63 percent) through misuse of employee credentials and improper access controls, followed by the hijacking of accounts (61 percent), supporting the notion that access controls are some of the most important security tools on the market.
One way to step up access controls is by using two-factor authentication to protect your cloud application logins. Duo Security’s two-factor solution protects many popular enterprise cloud applications, such as Salesforce, Box, Google Apps, Office 365, Amazon Web Services (AWS) and more. Learn more in Duo Security for Cloud Services.
Another report released by the Cloud Security Alliance (CSA) finds that data security concerns are paramount among cloud users, with most users concerned about data confidentiality, loss of control of data (governance), data breaches and compliance/legal issues. Similarly, the CloudPassage report finds that nearly 90 percent of respondents have moderate to severe security concerns regarding their cloud deployments.
In the CSA report, they found that data security concerns were paramount among cloud users. In order to secure the cloud, the CloudPassage report found the top security method is the ability to enforce consistent, continuous security policies. With Duo’s security controls, you can enforce an enrollment policy for certain users and groups, as well as an authentication policy in order to control how your users authenticate.
The second most important security tool ranked by the Linkedin report is the ability to use APIs for reporting, auditing and alerting on security events. Duo provides detailed user authentication, administrator and telephony logs that you can search or export to CSV or to your log management or SIEM systems using our REST API - that means you can easily track user activity and identify any abnormal activity using our administrative interface.
With Duo’s fraud alerts, you can also catch user-reported fraud as it happens. An alert is sent to your chosen email address whenever your users report possible fraud from a login request. Administrators can also automatically lock out users after a specified number of invalid logins, ensuring that potential attackers can’t access your cloud apps.
Securing cloud users and focusing on access controls can be one of the first few steps in an effective security strategy, as infosec moves away from perimeter-based security models to find a better way to keep data, users, apps and networks secure.