The Cloud: what threat is it to your data?
Ideas & initiatives
The trend towards rapid adoption of cloud services is reinforced by the widespread use of teleworking as a consequence of the COVID crisis. What should companies expect? What are the risks?
By spreading data in the cloud, the generalization of cloud technologies mechanically increases the amount of exposure to risks. Companies must identify these threats and know their role in terms of security.
The cloud has many advantages
The benefits of the cloud are well known. By offering scalable infrastructure and near-infinite computing power, the cloud is a prerequisite for all digital transformation.
In just a few clicks, developers can access a development and test environment, business experts can access a solution in SaaS mode, etc.
However, this counterpart to the agility is a mechanical increase in the exposure to risk. Whereas data used to be physically hosted in one place, namely the company’s infrastructure, it’s now scattered throughout the cloud, at various publishers’ and service providers’.
The widespread use of telecommuting caused by the pandemic crisis, has reinforced the trend.
But the fortress model is shattering
As a result, the use of the cloud has shattered the traditional defense system embodied by the fortress protected by its drawbridge, the firewall, and its guards, antivirus and other antimalware. There are many threats:
- According to the 2021 security report by Check Point Research, “over 80 % of organizations have found that their existing security tools did not work at all or had limited functionality in the cloud “.
- According to another Checkpoint report, the top vulnerabilities in cloud resources are unauthorized access (42%), non-secured interfaces (42%), configuration errors (40%) and account hijacking (39%).
- The Gartner research firm is even more alarmist, anticipating that by 2025, 99% of cloud security flaws will be caused by customers.
- In its latest barometer the French “Club des experts de la sécurité de l’information et du numérique” (Cesin) shares these findings. According to the interviewed members, the main risks of using the cloud are the lack of control over the hosting provider’s outsourcing chain and the difficulty of controlling access.
Perimeter solutions are insufficient and must be supplemented by new systems.
The CASB (Cloud Access Security Broker) acts as a sentinel by controlling network entries and exits according to company security policy.
Its main role is to prevent users from depositing data in the cloud that is not eligible for cloud storage, such as GDPR-relevant personal information or banking data.
The complexity of cloud technologies also makes it more difficult to detect the signs of a cyberattack and increases the response time. According to a study conducted this time by Kapersky the lack of visibility across the entire infrastructure is the most common obstacle companies face when dealing with complex threats.
By outsourcing their infrastructure to the cloud, companies are also making the mistake of offloading the security constraint to the providers.
However, if the providers propose different authentication and security services such as encryption, it’s up to the users to activate and configure them properly.
Il manque le dernier paragraphe.
Responsibilities are shared in the cloud
The provider and the user have shared security responsibilities.
The provider is responsible for the protection of its infrastructure, for the physical security of the datacenter, up to the software and network that make it possible to run its services. The user must secure the virtual machines and the data on them.
So the provider is responsible for the security of the cloud and the company is responsible for the security in the cloud.
It’s the user’s responsibility to configure the security settings and update the patches on the part that they are responsible for.
Which security solution for the cloud?
It will complete the system by implementing additional services that guarantee the confidentiality of user environments and shared spaces in the cloud using encryption.