Hacks to Reduce Security Breaches in Cloud Computing Networks

in #cloud7 years ago

 Cloud computing networks are revolutionizing the business world and, with their limited resources, SMBs are often first in line to take advantage of virtualization.Unfortunately, due to their absent or budget in-house IT services, they are also high on the priority list of hackers looking to cause damage or to steal sensitive data.

Even businesses with limited sensitive data on their systems are seen as a way to gain access to their bigger clients’ networks (for example, the HVAC company whose network access credentials opened up a channel to discount store giant Target in the 2013 data breach, costing them millions of dollars in settlements).

The dilemma between increased operational efficiency and higher exposure to security breaches is one being anxiously chewed over by CTOs and business owners everywhere.

If you decide to bite the bullet and embrace the cloud, here are some tips for minimizing risks.

Automate Security Checks

Security-conscious homeowners make sure they check the locks on all of their doors and windows when they leave the house. IT-security businesses do the same with any data coming into or exiting their networks. 

There are various types of automated threat detection software on the market and some are able to flag changes to firewall and server configurations and even trigger password change reminders.Just be aware that threat detection automation is not infallible. It still requires a human being to act on any threats it picks up on and, in the case of malware detection, install security patches. Even then, it may be breached as part of a zero-day exploit.

Minimize Downloads

Cloud services, especially the bigger ones, are often less vulnerable to security breaches than the systems used by their clients. Where sensitive data is concerned, the fewer versions stored on your in-house systems the better.One simple hack to reduce the risk of data theft is to strictly limit the downloading of data.

 For example, if you are accessing a sensitive document — such as a scanned bank statement — on the cloud, use a viewer or your browser’s preview function rather than automatically hitting the download button.There is no point in your cloud provider implementing end-to-end encryption and two-factor authentication only for a dodgy visitor to plug in a flash drive and swipe documents you’ve left lying about on your own PCs.

Use Your Virtual Shredder

As well as reducing the number of downloads, make it a clear policy to delete documents, emails and other data that you no longer need. Leaving emails and documents lying about in system folders — even spam folders or trash cans — not only increases the chance of them being stolen. 

It also leaves you vulnerable to hidden scripts or infected files.Adjust the settings of your email server to ensure the spam and trash folders are regularly purged. You can also use the inbuilt Task Scheduler (Windows) or Automator (Mac Os X) to delete, for example, unmodified files of a certain age.

Consider Tokenization

Tokenization is used by many security-conscious firms to protect sensitive data (e.g. card details in retail environments). However, tokenization systems can work with other types of sensitive data too.In a nutshell, tokenization associates real data with a temporary random alternative (the token). The token then replaces the real data during transfer. If the network has been exploited, the hackers can steal only the meaningless token. Unlike some forms of encryption, there is no formula used to create the token from the original data. Therefore, the hacker will be unable to recreate the real data.

Strictly Control Third Party Apps — and Users!

Businesses regularly underestimate the number of third party apps that are integrated into their virtual networks. Third party apps using APIs are now ubiquitous across the internet but not all follow good security practice.Carry out regular audits to draw up a list of all of the third-party apps your business uses. 

Make sure you are running the latest versions, have installed any security patches and that each app meets your company’s security and compliance standards. If necessary, replace those that do not.If your organization is complex or you are unsure about whether a third-party app is safe, consider outsourcing this function to a professional IT consulting firm.It is also wise to run a regular third-party user audit. 

You wouldn’t allow a lodger to retain the key to your home after they leave so be quick to withdraw any permissions you have granted to your systems when access is no longer appropriate.If you operate a Bring Your Own Device policy, ensure that former employees’ devices are recovered and/or wiped immediately. On the same theme, make sure that you give third-party users and remote workers only the minimum access they need to perform their role. Your virtual call center agents should not be able to access your company accounts!

Moving Beyond Hacks

Taken together, the tips and software hacks above will afford some protection from security breaches but they will never eliminate all danger. Security in the cloud is a process and there is no one-time hack or ‘silver bullet’ product that will render any business immune to the cyber criminals’ persistent efforts.The best course of action is to invest in proper staff training, lay sound security foundations (strong passwords, robust data protection policies, regular updates, compliance awareness, etc.) and keep up to date with the most recent developments in technology and IT security. 

Sort:  

Este Post ha recibido un Upvote desde la cuenta del King: @dineroconopcion, El cual es un Grupo de Soporte mantenido por 5 personas mas que quieren ayudarte a llegar hacer un Top Autor En Steemit sin tener que invertir en Steem Power. Te Gustaria Ser Parte De Este Projecto?

This Post has been Upvote from the King's Account: @dineroconopcion, It's a Support Group by 5 other people that want to help you be a Top Steemit Author without having to invest into Steem Power. Would You Like To Be Part of this Project?

this is a very great piece you have shared @adamedmond.

Thank you for such a kind words!

This post has been ranked within the top 50 most undervalued posts in the first half of Aug 22. We estimate that this post is undervalued by $14.51 as compared to a scenario in which every voter had an equal say.

See the full rankings and details in The Daily Tribune: Aug 22 - Part I. You can also read about some of our methodology, data analysis and technical details in our initial post.

If you are the author and would prefer not to receive these comments, simply reply "Stop" to this comment.