BotNet News

Your source for Online Security News

Cloud Security

Cloud Security protects the data stored in, transmitted through and accessed by cloud applications. It also safeguards information from the same threats that might affect servers and software on-premises, such as malware, viruses, phishing and ransomware. Many solutions offer granular policies, governance and monitoring, while others provide secure access points and sandboxes that let only approved users launch and run cloud applications in a safe environment.

The security of the cloud depends on the client, with varying levels of responsibility depending on whether the service is Infrastructure as a Service (IaaS), Platform as a Service (PaaS) or Software as a Service (SaaS). When clients choose their providers wisely, and implement appropriate segmentation measures, they can help minimize the attack surface.

In addition, many organizations have regulatory compliance requirements to adhere to. These might limit how much sensitive information can be stored in the cloud, or mandate onsite backups for redundancy purposes. Other concerns might stem from the CLOUD Act, which allows government agencies to demand data from cloud provider servers in case of a national security emergency or criminal investigation.

Attacks in the cloud typically occur by leveraging misconfigurations, stolen credentials or a combination of both. As a result, cloud security solutions should focus on the prevention of attacks before they can make it to the cloud servers. These include antimalware services, network monitoring and firewalls to prevent unauthorized access from outside or within the corporate network, and threat intelligence that analyzes threats in real time across multiple platforms, devices, networks and clouds for faster detection and response.