How to overcome threats, attacks and data breaches
In the past, a trade-off between security and availability may have been acceptable, but that is no longer the case – businesses need secure data and applications, available anywhere, from any device.
This trade-off may no longer be acceptable, but there are still multiple challenges in keeping the cloud secure.
Challenge 1: DDoS attacks
As business operations continue to move to the cloud, cloud providers are a more appealing target for malicious attacks and as a result, distributed denial of service (DDoS) attacks are more common than ever before.
Our research has shown that in 2015, the number of DDoS attacks doubled compared to the previous year. They have also widened in scope – previously the main targets were gaming companies, but now public institutions and financial providers are just as vulnerable to attacks.
A DDoS attack is designed to overwhelm a website's servers so they can no longer respond to legitimate user requests, usually using a hired ‘botnet’ of compromised devices. If a DDoS attack is successful, it renders a website useless for hours, or even days. This can result in a loss of revenue, customer trust and brand authority. Even if the DDoS attack is not fully successful and only slows the website down, this can have a similar effect on reputation.
Complementing cloud services with DDoS protection is no longer just a good idea for the enterprise; it’s a necessity. Websites and web-based applications are core components of 21st century business and require protection from this common attack.
Challenge 2: Data breaches
2015 saw the UK suffer the most data breaches in Europe, with 154 known breaches in six months – far more than second-placed Germany, with 11 breaches, and the third-placed Netherlands, with just 8.
In the past, IT professionals had a great deal of control over network infrastructure, physical hardware (firewalls, etc.) and the securing of vital data. In the cloud, whether it’s private, public or hybrid cloud, some of those controls must be ceded to a partner. Choosing a vendor you can trust, with a strong record of security, is vital to ensuring data remains secure.
Challenge 3: Data loss
When business-critical information is moved into the cloud, it’s understandable to be concerned about its security. Losing data from the cloud, whether through accidental deletion, malicious tampering or another disaster, could cripple a business. Often a DDoS attack is only a diversion for a greater threat, such as an attempt to steal or delete data.
A disaster recovery process is imperative, as well as an integrated system to mitigate malicious attacks. Protection for every network layer, including the application layer (layer 7), must be built into a cloud security solution.
Challenge 4: Insecure access points
One of the great benefits of the cloud is that it can be accessed from anywhere and from any device. This does create a potential weakness – what if the interfaces and APIs users interact with aren’t secure? Hackers could find these types of vulnerabilities and exploit them.
A behavioral web application firewall scrutinises HTTP requests to a website in order to only allow legitimate traffic. This always-on device helps protect web applications from security breaches.
Challenge 5: Notifications and alerts
Awareness and proper communication of security threats are a cornerstone of network security, and the same goes for cloud security.
Alerting the appropriate personnel as soon as a threat is identified should be part of a thorough security plan. Speedy mitigation of a threat relies on clear and prompt communication, so the right steps can be taken by the proper entities, and the impact of the threat minimized.
Meeting the cloud security challenge
Cloud security challenges are not insurmountable: with the right partners, technology and forethought, enterprises can easily benefit from cloud technology.