A Holistic Approach to Cloud Security
Cloud Security is a broad set of policies, technologies and applications that protect virtualized IP, data, and services. This sub-domain of cybersecurity covers a wide range of activities and tools such as firewalls, encryption and anti-malware.
The cloud presents unique cybersecurity challenges and risks because of its lack of clearly defined perimeters. As a result, attacks occur in different ways than on-premises attacks, and cybercriminals have many more opportunities to steal sensitive data. It’s important to implement a holistic approach to cloud security that includes visibility, detection and response for threats in transit or at rest, as well as the ability to enforce acceptable use and access control policies across the entire environment.
Most organizations outsource the management of hardware and software to a third-party Cloud Service Provider (CSP), such as Amazon Web Services, Microsoft Azure or Google Cloud Platform. These CSPs typically lease or sell hardware, storage and processing power to their customers as SaaS, PaaS or IaaS offerings. As such, it is critical to ensure that each CSP is adhering to the “Shared Responsibility Model” for defining security responsibilities between the CSP and its customers.
Effective integrity security controls ensure that data stored in the cloud is never intentionally corrupted, deleted or tampered with and that data can be retrieved in the event of a breach. A key component of this is the availability of automated backups. Another is encrypting data in-flight or at-rest, as well as ensuring that the correct credentials are being used to access data.