2. Webinar Series
WELCOME!
Check that you can "raise your hand" next to your name on the left
When we start I'll ask everyone to raise their hand to verify you can
hear me
To ask a question during the presentation type it in the “Questions”
section and raise your hand to help me notice it
Slides will be available shortly after the presentation
Audio Recording will be published shortly after the presentation
5. Webinar Series
CLOUD SECURITY 101
Cloud Security is essentially a shared
responsibility model (Provider and Subscriber).
Cloud Computing security is generally viewed as
a complex area, but it does not have to be.
However, you're essentially performing the same
functions as in traditional IT security.
This includes protecting critical information from
theft, data leakage and deletion.
6. Webinar Series
CLOUD SECURITY 101
For example, AWS applies the Shared
Responsibility Model to distinguish the different
aspects of security management.
AWS owns the infrastructure, physical network
and hypervisor.
The enterprise owns the workload OS, apps,
virtual network, access to its tenant
environment/account and the data.
7. Webinar Series
CLOUD SECURITY 101
Cloud Providers provide
numerous tools to help facilitate
cloud security vulnerability and
threat identification.
E.g., Google Cloud Compute
Engine Security Scanner or
AWS Inspector
8. Webinar Series
CLOUD SECURITY THREATS
As with any technology there
are generally vulnerabilities
and threats that will need to
be assessed and mitigated.
Threats can come from both
internal and external sources.
9. Webinar Series
CLOUD SECURITY THREATS
Compromise of Platforms
Compromise of Credentials
Privilege Escalation
Denial of Service Attacks (DDoS)
Lack of Compliance Implementations
Inadequate Training for Personnel
10. Webinar Series
LET'S THINK ABOUT THIS!
“Through 2020, 95% of cloud security failures will
be the customer’s fault.”
—Gartner, “Top Predictions for IT Organizations
and Users for 2016 and Beyond”
12. Webinar Series
LET'S GET STARTED.
Compromise of Platforms
Compromise of Credentials
Privilege Escalation
Denial of Service Attacks
Lack of Compliance Implementations
Inadequate Training for Personnel
13. Webinar Series
LET'S GET STARTED.
Did you know that cloud data breaches are
usually a result of improper training?
For example:
“Accenture left four S3 buckets open to the public,
exposing 137 gigabytes of customer data,
including customer credentials.” (Contained
classified information)
15. Webinar Series
LET'S GET STARTED.
Did you know that it is estimated that “in 2017
alone, over 99 billion records were exposed
because of data breaches”? (Tripwire)
With Cloud Computing there are special
considerations for cloud data services that must
be deployed with Application Programming
Interfaces.
16. Webinar Series
LET'S GET STARTED.
Did you know that Automated Intelligence is
used more and more to help thwart cloud
attacks?
However, it is also being used to perpetrate
attacks. Through user and entity behavior analytics
(UEBA) these attacks can be initiated.
17. Webinar Series
LET'S GET STARTED.
Did you know that insider threats are the cause
of the biggest security breaches out there, and
they are very costly to remediate?
According to a 2017 Insider Threat Report, 53
percent of companies estimate remediation
costs of $100,000 and more, with 12 percent
estimating a cost of more than $1 million.
18. Webinar Series
Cloud Security Top 10 Risk Mitigation Techniques for 2019
10. Improve your key management. Whether you're
using your vendor's KMS or a third party, consider
the following:
- Delete old IAM accounts.
- Work with HR to remove accounts.
- Proactively identify unused accounts.
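One way to do the proactive identification of unused accounts, as an added example that is not part of the original slides: it reads a report in the column layout of the AWS IAM credential report (the CSV returned by `aws iam get-credential-report`) and lists accounts that still hold a credential but have not used it recently. The sample rows, the user names and the 90-day threshold are assumptions made for the illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the column layout of an AWS IAM credential report,
# trimmed to the columns used here; users and dates are invented.
SAMPLE_REPORT = """\
user,user_creation_time,password_enabled,password_last_used,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
alice,2017-03-01T09:00:00+00:00,true,2019-01-10T08:30:00+00:00,false,N/A,false,N/A
bob-contractor,2016-06-15T09:00:00+00:00,true,2018-02-01T10:00:00+00:00,true,2018-03-20T11:00:00+00:00,false,N/A
ci-deploy,2018-01-20T09:00:00+00:00,false,N/A,true,2019-01-14T23:50:00+00:00,false,N/A
old-svc,2015-11-02T09:00:00+00:00,false,N/A,true,N/A,false,N/A
"""

def parse_ts(value):
    """Return an aware datetime, or None for N/A / no_information fields."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None

def find_stale_users(report_csv, now, max_idle_days=90):
    """List (user, last_activity, reason) for accounts idle past the limit."""
    cutoff = now - timedelta(days=max_idle_days)
    stale = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        has_credential = (row["password_enabled"] == "true"
                          or row["access_key_1_active"] == "true"
                          or row["access_key_2_active"] == "true")
        if not has_credential:
            continue  # nothing left to sign in with
        used = [parse_ts(row[col]) for col in ("password_last_used",
                "access_key_1_last_used_date", "access_key_2_last_used_date")]
        used = [t for t in used if t is not None]
        last = max(used) if used else None
        created = parse_ts(row["user_creation_time"])
        if last is None and created and created < cutoff:
            stale.append((row["user"], None, "never used"))
        elif last is not None and last < cutoff:
            stale.append((row["user"], last.date().isoformat(), "idle"))
    return stale

if __name__ == "__main__":
    now = datetime(2019, 1, 15, tzinfo=timezone.utc)
    for user, last, reason in find_stale_users(SAMPLE_REPORT, now):
        print(f"{user}: {reason}, last activity {last}")
```

The resulting list is the input for the HR check: each flagged account is either confirmed as still needed or deleted.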
19. Webinar Series
9. Enable audit logging. (Stackdriver or CloudTrail)
- Enable logging and back up logs.
- Proactive filtering of logs
- Create alerts that search logs and notify you
- Perform a compliance audit
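A sketch of "alerts that search logs and notify you", added here as an example and not taken from the original slides: three rules evaluated over CloudTrail-style records, covering audit-log tampering, console sign-in without MFA and root account activity. The records are constructed, and the rule names and the alert dictionary layout are assumptions; the notifier that would receive the alerts is left out.

```python
# Constructed CloudTrail-style records; users, times and addresses are invented.
SAMPLE_RECORDS = [
    {"eventTime": "2019-01-15T10:02:11Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "additionalEventData": {"MFAUsed": "Yes"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2019-01-15T10:09:40Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.50",
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2019-01-15T10:12:03Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "203.0.113.50",
     "userIdentity": {"type": "IAMUser", "userName": "bob"}},
    {"eventTime": "2019-01-15T11:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "Root"}},
]

LOG_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail"}

def evaluate(record):
    """Return the names of the alert rules that this record triggers."""
    hits = []
    if (record.get("eventSource") == "cloudtrail.amazonaws.com"
            and record.get("eventName") in LOG_TAMPERING):
        hits.append("audit-log-tampering")
    if (record.get("eventName") == "ConsoleLogin"
            and (record.get("responseElements") or {}).get("ConsoleLogin") == "Success"
            and (record.get("additionalEventData") or {}).get("MFAUsed") != "Yes"):
        hits.append("console-login-without-mfa")
    if record.get("userIdentity", {}).get("type") == "Root":
        hits.append("root-account-activity")
    return hits

def build_alerts(records):
    """Filter records down to alert dicts ready to hand to a notifier."""
    alerts = []
    for rec in records:
        ident = rec.get("userIdentity", {})
        who = ident.get("userName", ident.get("type"))
        for rule in evaluate(rec):
            alerts.append({"rule": rule, "time": rec["eventTime"], "who": who,
                           "source_ip": rec.get("sourceIPAddress")})
    return alerts

if __name__ == "__main__":
    print(*build_alerts(SAMPLE_RECORDS), sep="\n")
```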
20. Webinar Series
8. Lock down protocols.
- Enable a “trickle”, not a river.
- Turn off RDP to Windows.
- Use centralized SSH bastion host.
- Allow services not people.
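The protocol lockdown above can be checked mechanically. The following is an added example, not code from the original slides: it audits security group rules in the shape returned by `aws ec2 describe-security-groups` and reports any rule that exposes RDP or allows SSH from a source other than the bastion. The group IDs, the addresses and the bastion CIDR are constructed for the illustration.

```python
import ipaddress

BASTION_CIDR = "10.0.0.10/32"  # hypothetical address of the SSH bastion host

# Constructed data in the shape returned by `aws ec2 describe-security-groups`
# (the "SecurityGroups" list); group IDs and addresses are invented.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-win", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.10/32"}, {"CidrIp": "10.0.0.0/16"}],
         "Ipv6Ranges": []}]},
    {"GroupId": "sg-legacy", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

def covers(perm, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if perm["IpProtocol"] == "-1":
        return True  # "-1" means all protocols and all ports
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit(groups, bastion_cidr=BASTION_CIDR):
    """Return (group_id, source, finding) for rules wider than a trickle."""
    bastion = ipaddress.ip_network(bastion_cidr)
    findings = []
    for group in groups:
        for perm in group["IpPermissions"]:
            sources = ([r["CidrIp"] for r in perm.get("IpRanges", [])]
                       + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])
            for src in sources:
                net = ipaddress.ip_network(src, strict=False)
                from_bastion = net.version == bastion.version and net.subnet_of(bastion)
                if covers(perm, 3389):
                    findings.append((group["GroupId"], src, "RDP exposed"))
                if covers(perm, 22) and not from_bastion:
                    findings.append((group["GroupId"], src, "SSH not via bastion"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_GROUPS):
        print(*finding, sep="  ")
```

The all-protocols rule in `sg-legacy` is reported twice because it opens both RDP and SSH, which is the "river" case the slide warns about.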
21. Webinar Series
7. Use the Principle of Least Privilege
- As a best practice use the “principle of least
privilege” by reducing
- Does that DB admin need Admin rights on the
EC2 or GCP VM instances?
- IAM on lockdown. Assign Permissions in a
granular approach and use groups.
22. Webinar Series
6. Review your DB Services
- Restrict network access to MySQL solely to
trusted devices.
- Review your signatures
- Assign proper roles
23. Webinar Series
5. Use Multifactor Authentication
- Many companies still use single-factor
authentication. Why? It's easier and requires no
planning.
- Enable it. Every vendor supports this.
24. Webinar Series
4. Encrypt your data.
- Once again, many companies still take the
easy route. Why? It's easier and requires no
planning.
- Encrypt at rest or in flight
- GCP is fully encrypted by default at rest (DEK)
25. Webinar Series
3. Reference Cloud Provider best practices
- AWS has a robust portfolio of best practices.
GCP has some out there but not as concise as
AWS.
- The vendor is your best source with regard to
how their service works.
- Whitepapers, workflows and tech tips.
26. Webinar Series
2. Build Security into your DevOps practices
- Sometimes the best way to mitigate
vulnerabilities is to find them before you're in
production.
- Use a CI/CD Pipeline
- Consider A/B testing if needed
27. Webinar Series
1. Secure your APIs and your Endpoints
- Application Programming Interfaces should
have a configuration review to ensure all
authentication, authorization, logging and
monitoring controls are aligned to industry
benchmarks.
- API Lifecycle management
- Endpoints are critical. Proxy.
28. Webinar Series
Consider a Training Plan for your Organization as
well.
- Remember that 95% of cloud security issues are
a result of the customer!
- Mitigation of issues can be understood with a
proper training plan.