Protecting assets and infrastructure in the cloud requires security designed specifically for cloud platforms. Cloud security combines processes and technologies designed to reduce risk to business operations, assets and data from both internal and external threats. Such processes and technologies must simultaneously support dynamic business goals and the agile development practices used to achieve those goals, explains Craig Boyle, MSSP Solutions Architect at XM Cyber.
Although securing cloud environments should be done in tandem with an organization’s cybersecurity strategy, the two types of security have different goals. Traditional cybersecurity is built around data centers and networks, where security teams have full control over the infrastructure and data, while securing a cloud infrastructure is all about trust in an environment that is often controlled by a third party.
Third-party cloud providers such as 11:11 Systems, the sponsor of this article, offer solutions to ease the transition of mission-critical workloads to the cloud. For on-premise application relocation for production, data protection or disaster recovery, 11:11 Cloud offers a VMware-based environment tailored to your performance, security and cost-effectiveness requirements. Try 11:11 Cloud today with a free 30-day trial.
Why is cloud security important?
Enterprises no longer view securing cloud environments as simply adapting existing security designed for on-premises networks. In the cloud, deployments are complex and security is continuous and ongoing. Managing security requires a different approach due to the scale of the cloud environment.
“Threats and vulnerabilities evolve and new workloads are deployed or security gaps are exposed, so the security measures in place must be able to keep up to identify and mitigate risks,” said TJ Gonen, the vice president of cloud security at Check Point Software Technologies.
Components of securing cloud environments
The cloud centralizes the management of applications and data, including the security of these assets, explains Utpal Bhatt, the chief marketing officer at Tigera. This eliminates the need for dedicated hardware, reduces overhead and increases reliability, flexibility and scalability.
Most cloud providers offer a standard set of security tools that cover specific areas of security. These are the areas where cloud security matters most:
Data security
Data is the crown jewel of assets and requires the highest levels of security. In the cloud, encryption is the first line of defense for data in transit and at rest. VPNs are also useful for providing security for cloud-based data in transit.
Identity and access management
IAM is all about who has access to data and how to verify the authenticity of the user. Solutions such as password managers and multi-factor authentication are important security tools here.
Governance and compliance
Cloud adoption and management pose a critical risk to organizations that handle sensitive data or those in highly regulated industries. Most cloud providers have audited their environments for compliance with well-known accreditation programs, such as GDPR, NIST 800-53, PCI 3.2, and HIPAA, but to stay on top of these risks, organizations need tools that continuously check compliance and issue real-time warnings about misconfigurations.
Data loss protection and business continuity
Data redundancy is key to data loss prevention and business continuity, especially in the wake of ransomware attacks or other cyber incidents that can take a company offline. Many organizations rely on the cloud for data and application backup. Multi-cloud environments offer higher levels of security as these backup systems are spread across different platforms, so if one cloud infrastructure goes down, other options are still available. DLP and BC provide protection not only against cyber attacks but also during natural disasters and physical security threats.
“The more heterogeneous an environment is, the less leverage an attacker has. Put another way, traditional networks are similar to snowflakes in that each one is unique, making it harder to attack,” said Oliver Tavakoli, CEO of Vectra AI.
What types of cloud security solutions are available?
Identity and access management
Identity and access management solutions authorize users or applications and deny access to unauthorized parties. IAM assesses a user’s identity and access rights and then determines whether the user or a workload is allowed access. IAM tools are highly effective in keeping cloud environments secure because they are not based on a device or location during a login attempt.
Encryption
Cloud environments require encryption of data at rest and in transit. Encryption scrambles data until it becomes meaningless. Once data is encrypted, only authorized users in possession of decryption keys can use it. Since encrypted data is meaningless, it cannot be leaked, sold or used to carry out other attacks, even if intercepted or exposed.
Data can be encrypted “at rest” while it is stored and “in transit,” when it is sent from one location to another. Encrypting data in transit is critical when migrating data, sharing information, or securing communication between processes.
Risk assessment and management
Threat actors are constantly searching for and finding cloud vulnerabilities to exploit. In response, organizations are constantly looking for and mitigating risks. Organizations can use various tools for risk assessment and management, as well as published frameworks such as the Cloud Security Alliance’s Cloud Controls Matrix, which can help codify internal processes for risk assessment and management.
Security information and event management
Security information and event management (SIEM) tools are cloud-based tools that collect, analyze, and monitor data for threats.
SIEM platforms aggregate information about systems, infrastructure and applications in a single user interface, giving the security team a complete view of the entire network architecture.
Cloud access security broker
A cloud access security broker is a cloud-based intermediary for cloud security providers and cloud users. The role of the CASB is to enforce the security policies around cloud resources such as login access, credentials, encryption and malware detection systems.
Extended Detection and Response (XDR)
XDR provides threat detection and incident response across the cloud environment. It is used to detect potential threats in identity management, logs and network traffic.
What are the biggest challenges of cloud security?
Complexity
Complexity can be the biggest challenge in securing cloud infrastructure, Boyle said.
“While a lot of people will talk about specifics like misconfigurations, identity, or Kubernetes, etc… the underlying problem with all of these things is their complexity,” Boyle explained. “Complexity obscures visibility and prohibits clear contextualization of risk.”
Visibility
Because the cloud is used remotely and across a wide variety of devices, it is difficult to have a clear picture of all data, how it is shared, where it is shared and who has access. This lack of visibility makes it difficult to detect potential threats. Tools like 11:11 Cloud provide a unified console to make the statuses of your cloud deployments visible and traceable.
Shadow IT
Shadow IT is closely related to the lack of visibility. Security teams are tasked with monitoring the information technology used across networks, but with remote work and bring-your-own-device policies, users are deploying cloud-based applications and software without permission.
Misconfigurations
Misconfiguration of cloud applications is one of the leading drivers of cyber attacks. Issues such as using default passwords, allowing unused or orphaned credentials to remain active, and not enforcing least privilege policies are the root causes of misconfiguration threats.
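The three root causes named above can be checked mechanically against a credential inventory. The following is an added example, not part of the original article: the inventory records, their field names, the 90-day idle threshold and the wildcard rule for least privilege are all assumptions made for illustration.

```python
from datetime import date

# Constructed inventory; the field names are assumptions for this example,
# not any cloud provider's export format.
ACTIVE_STAFF = {"alice", "bob"}
INVENTORY = [
    {"id": "alice-console", "owner": "alice", "last_used": date(2024, 5, 28),
     "password_changed": date(2024, 3, 1),
     "grants": [{"actions": ["storage:Read"], "resources": ["bucket/reports"]}]},
    {"id": "db-admin", "owner": "bob", "last_used": date(2024, 5, 30),
     "password_changed": None,  # never changed since provisioning
     "grants": [{"actions": ["db:*"], "resources": ["db/orders"]}]},
    {"id": "ci-deploy-key", "owner": "carol", "last_used": date(2023, 11, 2),
     "password_changed": date(2023, 6, 1),
     "grants": [{"actions": ["*"], "resources": ["*"]}]},
    {"id": "backup-svc", "owner": "bob", "last_used": None,
     "password_changed": date(2024, 1, 15),
     "grants": [{"actions": ["storage:Write"], "resources": ["bucket/backups"]}]},
]

MAX_IDLE_DAYS = 90  # assumed staleness threshold


def audit(inventory, active_staff, today):
    """Return {credential id: sorted findings}, omitting clean entries."""
    report = {}
    for cred in inventory:
        findings = set()
        # Default password: the secret was never changed after provisioning.
        if cred["password_changed"] is None:
            findings.add("default-password")
        # Unused: never used, or idle longer than the threshold.
        last = cred["last_used"]
        if last is None or (today - last).days > MAX_IDLE_DAYS:
            findings.add("unused")
        # Orphaned: the owner is no longer in the active staff directory.
        if cred["owner"] not in active_staff:
            findings.add("orphaned")
        # Least privilege: a wildcard grants more than a named operation.
        for grant in cred["grants"]:
            if any("*" in v for v in grant["actions"] + grant["resources"]):
                findings.add("over-privileged")
        if findings:
            report[cred["id"]] = sorted(findings)
    return report


if __name__ == "__main__":
    result = audit(INVENTORY, ACTIVE_STAFF, date(2024, 6, 1))
    for cred_id, findings in result.items():
        print(f"{cred_id}: {', '.join(findings)}")
```

Run on a schedule against a real export, a check like this is one way to get the continuous compliance checking and misconfiguration warnings described under governance and compliance.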
Data privacy
With the ability to access the cloud from anywhere, it is impossible to know who has access to sensitive data. A device that is used by multiple users, such as a family computer, or that is used in a public space, can put data privacy at risk, for example. Lack of privacy can lead to breaches of data compliance.
Cloud security best practices
The National Institute of Standards and Technology offers several frameworks focused on cybersecurity and cloud security. NIST recommends the following best practices:
- Use the security features offered by the cloud provider.
- Regularly inventory assets in the cloud.
- Limit the PII and sensitive data stored in the cloud.
- Use encryption.
- Stay on top of threats targeting the cloud.
- Work closely with your CSP, but ultimately security is the responsibility of the organization.
Final thoughts
Cloud security must keep pace with evolving technology and threat environments. Security teams and the tools they use must adapt and provide greater visibility and observability. They need to be seamless, they need to scale, they need speed and they must not hinder development, Check Point’s Gonen advised.