Protecting data in the cloud remains one of the biggest challenges for companies that have moved their infrastructure to the cloud. Systems in the cloud use the same operating systems as systems in data centers, and they have the same vulnerabilities and suffer the same malware attacks. In addition, the distributed nature of cloud services means there are many more passwords and keys to be protected. There are also new means of attack through APIs and cloud management dashboards.

Companies need to take strong measures to protect themselves against these attacks. Planning for security of your assets in the cloud requires implementing tools and procedures to address these areas:

• Firewalls. You should be able to integrate firewalls, intrusion detection, and other security tools into your cloud environment. When possible, using the same tools used on premises makes this simpler for your staff, but not all tools are compatible with all clouds.
• Configuring cloud and applications. Configuration details matter in the cloud. Default settings may expose applications and data to the internet. It’s important to have a process to review all cloud and application configurations to ensure appropriate protections are in place.
• Identity and access management. Simplify identity and access management in the cloud by using role-based controls and federated systems that integrate the cloud with your on-premises identity tools.
• Key management. Security in the cloud depends as much on encryption as security in on premises systems, but it adds the challenge that the encrypted systems aren’t fully under your control. For the most security, use an encryption process that allows you to generate and manage your own keys, rather than relying on the cloud provider to keep your keys secure.
• Incident handling. It’s often said that security in the cloud is a shared responsibility of the cloud provider and the cloud customer; incident handling must also be shared, and it’s important that your business understands the cloud provider’s role and your own. Either your or the cloud provider may identify that an incident has occurred and should notify the other party. Some information needed to investigate and respond to the incident may only be available through requests to the cloud provider. You should understand how to communicate with your cloud provider and how they will provide data without compromising the security of other tenants on shared resources.
• Logging. You should have access to logs that provide details of all activity on your instances and cloud applications. Ideally, you should be able to access logs in real time and integrate the data with your standard event monitoring tools.
• Patch management. Depending on your arrangement with your cloud provider, the provider may handle some of the responsibility for applying patches to your infrastructure. Unless you’re using Software as a Service, however, it’s likely you’ll still be responsible for applying some of the patches. In either case, you should have a process for tracking patches and making sure you understand where your instances stand with respect to protection against vulnerabilities.

How are you handling these important security tasks in the cloud? Prescient Solutions brings cybersecurity expertise to our IT consulting, managed services, and Azure support for clients in Chicago and Schaumburg. Contact us to learn how Prescient Solutions can help you keep your cloud secure.