Cloud computing, including Software-as-a-Service (Saas) and Platform-as-a-Service (PaaS), has revolutionized the way businesses use technology. For organizations, moving email or application workload to the cloud can allow them to leverage affordable storage or computing options.
According to Forbes, 83% of enterprise workloads will be in the cloud by 2020. As organizations move their data, email servers, or other applications to the cloud, security is often overlooked. Oftentimes the cloud is assumed to be secure by default, but it may not be configured securely. Additionally, accidents can happen. For example, thousands of API and cryptographic keys were found to be posted and accessible on GitHub .
When adopting an enterprise cloud computing strategy, 66% of IT professionals say security is a concern. We think that number should be higher.
Security in The Cloud
If you are responsible for migrating data or systems to the cloud or you’re configuring the public, private or hybrid cloud for your organization, it’s essential that you know how to protect your data.
Here are a few basic security concepts that you should know when moving to a cloud environment:
Protect Private Data – Sensitive, confidential and regulated data, such as HIPAA and PCI DSS, should be protected when making the transition to the cloud. Instead of putting sensitive data on the public cloud, consider using a private cloud or hybrid cloud to ensure that data stays private.
Ensure Data Integrity – Data integrity is achieved by making sure that data cannot be accessed, altered or deleted by anyone other than authorized parties. Two-factor authentication and logging can protect against unauthorized access and will leave an auditable record if it is accessed.
Be Realistic About Data Availability – Any major cloud provider guarantee 99% uptime of their cloud environment. Keep in mind that is 7.2 hours of downtime a month (almost a full business day). Consider having a live backup in another location to ensure your business doesn’t grind to a halt due to an outage.
Careful Encryption and Key Management – Most cloud providers encrypt data in transit using key-based algorithms. You may also encrypt your data in storage as well. However, as we mentioned above, encryption keys and other credentials should be kept secure and never posted publicly (*cough* GitHub).
Protect Against Threats – Threats are a part of being online. Period. Whether it’s a data breach, data loss, hijacked accounts or phishing, you are under attack. It’s crucial to have a plan in place and the tools you need to protect your data from threats.
Protect Your Public Cloud
As you are migrating data, processes, and applications to the cloud, having a service to manage and secure your assets is essential. Without being able to see your vulnerabilities, you can’t create a plan to protect yourself. Cloud Optix from Sophos provides tools to manage governance, risk, and compliance with easy to use templates, custom policies, and collaboration tools.
With Cloud Optix, you can:
- Continuously monitor compliance with standards, such as CIS, GDPR, SOC2, HIPAA, ISO 27001, and PCI DSS.
- Manage and track compliance to ensure important tasks using third-party integrations with tools like JIRA and ServiceNow.
- Respond to and remediate security risks with continuous asset monitoring and complete network topology and traffic visualization.
- Continuously monitor cloud asset inventory configurations and security group logs.
- Identify anomalous user behavior patterns to detect advanced automated attacks.
- Predict how network traffic may flow based on your security settings.
- Establish guardrails to prevent, detect, and remediate accidental or malicious changes in network configuration.
Are You Part of the 66%?
If you believe that security should be a concern in adopting an enterprise cloud computing strategy, consider ways you can protect your public cloud and your data. With tools like Sophos Cloud Optix available, there is no need to be vulnerable to threats.
If you’re interested in learning more about how you can protect yourself in the cloud, check out our post, 4 Ways to Improve Cloud Security.