One of the major concerns about any cloud deployment is the security of data deployed in the cloud. Although cloud providers ensure physical security of the data center and the servers, you are still responsible for your virtual machine and application security—even if the cloud provider is certified as meeting the compliance standards that apply to your industry.

This means you need to make sure your data, especially any sensitive data like strategic business plans or personally identifiable information, is protected against the risks it would have if it were in your own data center, as well as additional risks that arise because the data is in the cloud.

Risks to Data in the Cloud

Depending on the type of cloud service you use, some common risks, such as those that come from unpatched vulnerabilities, may be reduced. But cloud introduces new risks you need to prepare for:

• Inside attacks that don’t come from company insiders. Inside attacks are one of the major causes of data breaches. When your data resides in the cloud, you’re exposed to inside attacks from people who aren’t even company insiders: the cloud provider’s employees have insider access to your systems.
• Equipment shared with competitors. The hardware you use in the cloud isn’t dedicated solely to your use. It’s shared with other companies, potentially even your competitors. While your applications are isolated in virtual machines or through other methods, those virtual machines are controlled through software that has its own bugs. It would require a sophisticated attacker, but it’s theoretically possible to breach the boundary between virtual machines to access another business’s data.
• Misconfigured cloud servers put data on the public internet. Cloud servers need to connect to the public internet for cloud services to work, and it’s very easy to make a mistake when you configure a server and accidentally make files accessible by the public internet.
• APIs provide access. Cloud services are almost all accessed and controlled through APIs. Without proper controls, services can be misused, including the services you use to monitor and manage your cloud instances.

Defending Against Security Risks in the Cloud

Protecting yourself against risks in the cloud starts with understanding what your responsibilities are. Make sure you’re clear on the monitoring, controls, and protection the cloud provider handles. There’s a big difference between the security responsibility of a Software as a Service (SaaS) provider and the security responsibility of an Infrastructure as a Service (IaaS) provider.

No matter which type of cloud service you’re using, you’ll need to make sure that permission is granted only to authorized users. Making sure data is encrypted as it travels the network between your end users and the cloud service is also always your responsibility.

Have a process for reviewing the logs collected by the cloud provider. Those may not provide the level of detail you need, so consider adding additional monitoring tools that offer more information.

Make sure your cloud service is configured properly; there are many reports of data accidentally exposed in the cloud due to misconfigurations. Working with an experienced services provider like Prescient Solutions can ensure that your cloud is designed and implemented with security in mind. Contact us to learn how our cybersecurity expertise can protect your business from inside your data center to the cloud.

Additional Cyber Security Resources

Make Your Data Secure in the Microsoft Azure Cloud

Backing Up Virtual Machines In the Cloud Is Safe, Easy, and Cost-Effective

Encryption Isn’t Enough to Protect Applications in the Cloud

4 Top Information Security Risks You Need to Tackle