Cloud Security
Keep your data and services secured in the Cloud
Baruch Menahem, CISSP, CCSK
InfoSec Strategy Manager, Comsec
Challenges to Cloud
• Lack of control over resources:
Concerns related to the lack of physical control over data and applications.
• Less security visibility and control capabilities:
IT cannot dictate things such as version control, patch frequency and code
reviews, so it is forced to update its development, QA, administration and
operations processes.
• Internet dependency - performance and availability:
Cloud computing services rely fully on the availability, speed, quality and
performance of the internet.
• Difficult to migrate:
It is not easy to move applications from an enterprise environment to a cloud
computing environment, or even between different cloud computing platforms.
Critical Threats to Cloud Security
The Cloud Security Alliance (CSA) has identified 8 critical threats to cloud
security:
1. Enterprise cloud services are not enterprise-ready
95% of cloud services used in the average enterprise are not enterprise-ready
from a security standpoint.
2. Data breaches
Due to the huge amount of data stored on cloud servers, providers are an
increasingly attractive target for cyber criminals.
3. Lack of encryption
Encryption is one of the most basic methods for securing data, but many
enterprises make the mistake of failing to encrypt sensitive data in the cloud.
4. Weak authentication and identity management
A lack of proper authentication and identity management is responsible for
data breaches within organizations. Cloud providers usually support
2FA/MFA mechanisms, but unfortunately clients are not making use of them.
5. Insider threat
An insider (a former employee, system administrator, contractor, or business
partner) could destroy infrastructure or permanently delete data. Systems that
depend entirely on cloud service providers for security are at greatest risk.
6. Account hijacking
Techniques like phishing and fraud are well-known cyber threats, but the cloud
adds a new dimension to these threats, as successful attackers are able to
eavesdrop on activities and modify data.
7. Lacking due diligence
Due diligence is the process of evaluating cloud vendors to ensure that best
practices are in place. Part of this process includes verifying whether the
cloud provider can offer adequate cloud security controls and meet the level
of service expected by an enterprise.
8. DDoS attacks
DDoS attacks often affect availability. For enterprises that run critical
infrastructure in the cloud this can be debilitating, as systems may slow down
or simply time out.
DDoS attacks also consume large amounts of processing power – a bill that
the cloud customer (you) will have to pay.
Critical Threats to Cloud Security - Remediation
In order to reduce the risk of using cloud services, the following should
be considered:
• Use encryption to protect data at rest as well as in transit.
• Manage encryption keys via an HSM system.
• Use MFA for accessing cloud resources.
• Create and enforce a dedicated security policy for cloud usage.
• Monitor cloud accounts to make sure that every transaction can be traced
back to a human owner.
• Review accreditations and standards gained by cloud providers, including
ISO 9001, DCS, PCI and HIPAA.
• Use dedicated security systems such as IPS, WAF and DDoS protection to
protect against external attacks.
• Conduct security assessments and penetration tests.
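Added example (not part of the original slides): one way to check two of the remediation items above, MFA on interactive accounts and traceability of every account to a human owner, together with stale accounts of the kind the insider-threat item describes. The inventory, its column names and the 90-day staleness threshold are assumptions constructed for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample inventory (not real data). The column names are
# hypothetical; map them to the fields of your provider's identity export.
SAMPLE_INVENTORY = """\
account,type,console_login,mfa_enabled,owner_email,last_used
alice,user,true,true,alice@example.com,2024-05-02
bob,user,true,false,bob@example.com,2024-05-01
ci-deploy,service,false,false,devops-lead@example.com,2024-05-03
legacy-sync,service,false,false,,2023-01-15
carol,user,true,true,carol@example.com,2023-11-20
shared-admin,user,true,true,,2024-05-03
"""


def _is_true(value):
    """Interpret a CSV cell as a boolean flag."""
    return value.strip().lower() == "true"


def audit_accounts(inventory_csv, today, stale_days=90):
    """Return {account: [findings]} for accounts that violate a check.

    NO_MFA   - interactive (console) login is possible without MFA
    NO_OWNER - no human owner recorded, so actions cannot be traced to a person
    STALE    - never used, or unused for more than stale_days (assumed threshold)
    """
    findings = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        issues = []
        # MFA matters for accounts a person can log in with interactively.
        if _is_true(row["console_login"]) and not _is_true(row["mfa_enabled"]):
            issues.append("NO_MFA")
        # Service and shared accounts still need an accountable human owner.
        if not row["owner_email"].strip():
            issues.append("NO_OWNER")
        # Long-unused accounts are candidates for removal (e.g. leavers).
        last_used = row["last_used"].strip()
        if not last_used or (today - date.fromisoformat(last_used)).days > stale_days:
            issues.append("STALE")
        if issues:
            findings[row["account"]] = issues
    return findings


if __name__ == "__main__":
    report = audit_accounts(SAMPLE_INVENTORY, today=date(2024, 5, 4))
    for account, issues in report.items():
        print(f"{account}: {', '.join(issues)}")
```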
Cloud Trends
Centrally manage security from a private cloud
Using a private cloud (either on premise or external) to centrally manage
endpoint security.
Especially useful when working with distributed networks (multiple branches /
sites) or when distributed users are required to be protected according to the
standard used in the organization.
Can also reduce maintenance and licensing cost (managed by the cloud provider).
Using the cloud as a front-end DMZ network
Using the cloud as the internet gateway of the corporate network to transfer the
handling of network attacks from the internet to the cloud provider.
The cloud is used as a network extension (the Front-End DMZ) of the on premise
network and used to host all internet facing services, while the on premise
external network becomes the mediating layer (Back-End DMZ) which connects the
two networks (by VPN / Direct Line connection).
This implementation can also reduce cost to the organization by using managed
cloud security services.
Implementing a Cloud Stack
Enjoy cloud benefits (e.g. scalability, flexibility, efficiency, cost and
security) without relying on cloud vendors, by building an on premise private
cloud using OpenStack, Azure Stack or any other cloud platform.
Very useful for organizations that cannot use cloud services due to regulatory
and security constraints that do not allow them to store sensitive information
in the cloud or to transfer core systems to the cloud.
Private Cloud - Azure Stack
Private Cloud - OpenStack
Sources
• ComparetheCloud.com: 8 Public Cloud Security Threats to Enterprises in 2017
• Azure Stack: An extension of Azure
• Azure Stack datasheet
Contact Us
+972 (0)3-9234277
Baruchm@comsecglobal.com
Yegia Kapayim St. 21D, P.O. Box 3474, Petach-Tikva, Israel, 49130
www.comsecglobal.com
Innovation, knowledge & Experience
To keep you ahead of the curve
