Help Nepheale!

Nepheale is the goddess of the clouds in Greek mythology. She is the nymph who takes care of the clouds and flourishes the earth with the rain securing the system. So, are we going to secure clouds? The answer is 'yes but no'. I just needed your attention. We are going to see how to secure the cloud but it's not Nepheale's cloud. Let's see what this new cloud is.

Have you heard about ‘cloud’?

The word cloud is not something unfamiliar to us. But today the word ‘cloud’ refers to a separate meaning and it’s being so popular among us. Simply this cloud refers to software services which are running on the internet instead of running locally on your computer. Google Drive, Apple iCloud are some examples for cloud services. 

 Do you still wonder why the word, ‘cloud’ is used for this? It’s just because of the cloud symbol used in flow charts and diagrams to symbolize the internet. All the information being accessed can be found remotely in a virtual space or cloud.

 

Cloud computing

In the modern-day world cloud computing is achieving a considerable popularity because of its on-demand availability of computer system resources. The process of storing and accessing data and programs using internet instead of your computer hard drive is cloud computing. Data storage and computing power don’t need to be managed exactly by the user and you can access this data being in anywhere at any time using internet.

Why do you need cloud security?

Most business organizations have recognized that it’s ideal to use cloud-based services as their business requirements grow day by day and it’s easier to scale up the cloud capacities, drawing on the service’s remote servers. Other people are also using cloud computing services.  It’s more secure to store information in the cloud than your own devices or physical databases. But absolutely there’s a risk to be attacked by cyber threats. Sudden leakages of your sensitive data, loss of data, backup errors and accessing data by unauthorized parties should never happen. Therefore, you need to be sure about the safety of your data when they’re stored in the cloud. Then we need cloud security (cloud computing security). It’s important for business organizations as well as personal users.

According to recent study, one out of every four companies that use public cloud services has had data stolen by a malicious party. An additional one out of every five people has had an advanced cyberattack on their public cloud infrastructure. According to the same research, 83 percent of businesses said they keep sensitive data on the cloud. With 97 percent of businesses using cloud services today, it's important that everyone assesses their cloud security and adopts a data-protection policy.

Cloud security and cloud computing categories

In cloud security, it focuses on how to secure the cloud. The process of protecting cloud-based data, applications and infrastructure from cyber threats can simply be defined as cloud security. The set of policies, terms, technologies which are used here ensures the authentication of users, devices and it controls the access for data maintaining the protection of data privacy.

Cloud security varies depending on the category of cloud computing used. So, four main categories can be seen.

1. Public cloud services operated by a public cloud provider

Include SaaS, PaaS, IaaS

2. Private cloud services operated by a public cloud provider

Provide a specialized computer environment for a single customer, which is managed by a third party.

3. Private cloud services operated by an internal staff

An evolution of the conventional data center, in which internal personnel manage a virtual environment. 

4. Hybrid cloud services.

Cost, security, operations, and access may all be optimized by combining private and public cloud computing configurations to host applications and data. Internal workers and, if desired, the public cloud provider will be involved in the operation.

5. Hybrid cloud services.

Cost, security, operations, and access may all be optimized by combining private and public cloud computing configurations to host applications and data. Internal workers and, if desired, the public cloud provider will be involved in the operation.

Cloud security responsibilities

You should be aware whether your cloud service provider (CSP) meets your security requirements. Cloud service providers are mostly responsible for backend development against security vulnerabilities. Cloud service providers cannot control the way the clients use the service. As the clients we have the responsibility to be sure that network and hardware are properly secured and we should wisely decide what data should be added to the cloud, who has the access etc. Therefore, cloud security is a shared responsibility between CSP and the client and this segmentation of cloud security responsibilities is vital. Each public cloud service type has varying levels of security responsibilities shared by the cloud service provider and the client. Mainly there’re three levels by the service type. 

1.      SaaS – Software-as-a-service

Customers are responsible for the security of their data, user access.

e.g. Email, office tools (Microsoft Office 365)

 

2.      PaaS - Platform-as-a-service

Customers are responsible for the security of their data, user access and applications.

e.g. Salesforce Heroku, AWS Elastic Beanstalk, Microsoft Azure, Engine Yard

 

3.      IaaS - Infrastructure-as-a-service

Customers are responsible for the security of their data, user access, applications, operating        systems and virtual network traffic.

    e.g. Microsoft Azure, Digital Ocean, AWS

You can notice that in all public cloud service types clients are responsible for the security of  data and controlling access for data. To gain the best benefits from the cloud it’s mandatory to have cloud security discipline.

Cloud security challenges

Today, the globe faces a plethora of cloud security issues. These cloud security challenges arise   because the data in the cloud is stored by a third party and can be accessed over the internet. 

Some of them are mentioned below.

•   Visibility into cloud data
•   Control over cloud data
•   Access to cloud data
•   Compliance
•   Cloud-native breaches
•   Misconfiguration
•   Disaster recovery
•   Insider threats

    Cloud security solutions

• When compared to non-cloud security systems, cloud security features improve worldwide monitoring and tracking of threats. They provide signature and real-time firewall updates, as well as protection against risky traffic.
• Continuous monitoring and web application attack prevention provide 24/7 live tracking and security of websites, APIs, serverless apps, containers and other web applications.
• In addition to network and application scanning, cloud security solutions boost application performance by utilizing resources that can scale up and down on demand.

    Examples for cloud security solutions in the market

• Check Point CloudGuard
• CloudPassage Halo
• Threat Stack Cloud Security Platform
• Symantec Cloud Workload Protection
• Datadog
• Hytrust
• PaloAlto Prisma
• Fortinet
• Cisco Cloud Security
• Lacework
• CipherCloud
• Qualys
• Sophos
• Proofpoint
• SiteLock

 

    🖊 Harindi Balasuriya