<img alt="" src="https://secure.dawn3host.com/211761.png" style="display:none;">
Keeran Networks Blog

    How to Mitigate Cloud Threats

    Mar 20, 2018 10:00:00 AM Keeran Networks Cloud Solutions

    AdobeStock_136013319.jpeg

    Cloud computing is fast becoming the method of choice for many businesses. According to a survey conducted by companies currently use public clouds for 41 per cent of their workloads.

    Cloud computing services rely on a network of remote, distributed, virtual servers connected on the Internet. When changing to the cloud, a business needs to work with a cloud service provider (CPS) to deal with managing and maintaining the service.

    Even though a service provider provides the cloud, the primary responsibility for protecting corporate data in the cloud lies with the cloud customer.

    Some top concerns with cloud solutions include lack of control over data locations, the potential for third-party access, and lack of visibility on the part of the service provider. 

     

    Cloud computing models

    Before learning the best practices for mitigating security threats, you first need to know the difference between the three cloud models. These models are Software as a Service, Platform as a Service, and Infrastructure as a Service.

    • Software as a Service (SaaS)
      • SaaS is when users subscribe to applications hosted by a provider. A typical security threat to SaaS services includes theft of user logins and passwords.
    • Platform as a Service (PaaS)
      • This model is more common with developers and programmers because it does not typically involve ready-to-go applications. With PaaS, the provider rents the platform and hardware required by the developer. Main security threats for PaaS services include insufficient or breached authentication and unwanted access.
    • Infrastructure as a Service (IaaS)
      • This model provides users accesses infrastructure hosted and maintained by a provider. With IaaS, organizations can rent physical and virtual machines, virtual data centres, firewalls, and VPN. Common security threats include non-compliance with industry-standard regulations, inadequate data protection, and insufficient physical protection. 

    Related: How to Detect Incoming Threats in the Cloud

     

    Risk Mitigation Strategies

    If your company is using a cloud computing solution, you need to be aware of the following strategies to help minimize security risks.

    • Do your due diligence when researching a cloud solution
      • Whether you decide to use SaaS, PaaS, or IaaS you need to research your potential vendors thoroughly. You should examine your vendor's security history, check for references, and check for any known security vulnerabilities. You should also make sure that your contract with them includes proactive security practices on their end.
    • Utilize a Single Sign-on (SSO) solution to add security (and convenience)
      • By downsizing to a single sign-on environment, you reduce the number of potential security weaknesses.
    • Work with a third party to assure cloud security on a regular basis
      • You should utilize third-party audits to ensure that your cloud provider is following your industry's standards of security.
    • Implement end-to-end encryption
      • End-to-end encryption will decrease the likelihood of your data being breached.
    Migrating to the cloud can bring many benefits to your business. You just need to make sure to do your research before starting the endeavour. Attention should be paid to measures that can be taken proactively at all stages. Mitigating cloud computing risks should be a priority for any organization that wants to move away from in-house hardware and applications.
    Keeran Networks

    Written by Keeran Networks