Security in cloud computing: what you need to know

What is cloud computing?

Cloud computing is the use of online, on-demand IT resources. Businesses that use cloud computing don’t need to buy and maintain their own servers or data centers — they (or their users) can access everything they need online.

How do businesses use cloud computing technology?

• Customer-oriented services like Netflix stream video content stored on the cloud to users on their platform. Netflix doesn’t have its own servers and databases — they use cloud computing technology provided by Amazon Web Services.
• Some companies use cloud computing to develop and test software. These processes call for a lot of computing power that a company might not have and that would be expensive to acquire and maintain. Therefore, they turn to cloud computing on a pay-as-you-go basis, which enables the company to upscale and descale their computing power as needed.
• Cloud computing is used to back up data and processes. If something was to happen to its main datacenter, the company could keep the service running through cloud computing.
• Cloud computing is also very useful when dealing with big data. If you want to get valuable information and data-based insights out of massive amounts of data, you need lots of computing power to work through it.

Security risks in cloud computing

When you run your whole operation from the cloud, one mistake compromises everything — not just different sections of it. Data breaches are these businesses’ worst nightmares. They store their most sensitive data in the cloud: intellectual property, personally identifiable information about users and staff, financial data, etc.

A breach would directly translate into potentially massive financial losses. These can be legal fees or the loss of loyal and potential customers. People shy away from businesses they can’t trust, and depending on the situation and how it was handled, it could be impossible to recover from.

Cyberattacks are another thing you must consider when operating from the cloud. Cryptojacking, for example, is difficult to spot and slows down your operations significantly. You might even think that you need more computing power to handle the load, without ever considering the possibility that someone is secretly using your resources for cryptocurrency mining.

On the other hand, a distributed denial of service (DDoS) attack is instantly noticeable. If your system, run solely from the cloud, is flooded with requests and crashes, it could lead to serious downtime — anywhere from a few minutes to even hours. This once again means that your revenue and reputation suffer significant blows.

Cloud computing security measures to look for

When looking for a cloud computing service provider, see if they have the right security measures in place:

• Firewalls. Cloud computing needs cloud firewalls. On the surface, they’re much like traditional firewalls that guard companies’ internal networks. They are also hosted in the cloud, together with the whole infrastructure and processes they are supposed to protect. Cloud firewalls form a virtual barrier and filter out malicious connections.
• Encryption. The data stored in the cloud and in transit must be encrypted. Your cloud computing provider should support both. It’s also important that your users (if you employ cloud computing to run a user-oriented application) can use your service securely. So, make sure SSL/TLS encryption is in place, and your clients and their data are safe.
• Identity and access management (IAM). This is an essential part of any cloud computing security plan. IAM is a way to manage all users, their identities, and the access levels granted to them by the administrator. It also tells the system who the user is and what privileges they have.
• Regular security audits. Vulnerability management is vital. Everyone makes mistakes and bugs often come up in systems that have worked perfectly for years. If your provider scans their systems for vulnerabilities regularly, they will be able to release patches before those vulnerabilities go public. This will prevent cybercriminals from exploiting them and keep your data and applications safe.
• Backups. Attackers can surpass firewalls and exploit vulnerabilities that have never been heard of before (these are called zero-day vulnerabilities). However, when Amazon Web Services went down in 2017, Netflix kept on working because they were able to transfer their applications to unaffected zones in the network. Downtime means significant losses in revenue and consumer trust, so if something happens, the provider must have a backup plan in place.

The most important thing is to find a provider you can trust. Since you will be using Shadow IT (meaning, most of your processes will be managed outside of your premises and without your IT department’s knowledge), trust is key. You have to know they will be able to keep your data, operations, and users safe.

Cloud security is your business too

Even though the cloud computing provider does most of the work when it comes to security, the client also has a significant role to play:

1. Have strict access controls in place. You don’t want to give complete access to all of your employees. One compromised account or hostile employee could mean leaked customer data, crashed services, and stolen intellectual property. Instead, carefully plan which of your employees need access to different parts of the system. Furthermore, make sure everyone is aware of phishing, man-in-the-middle, session hijacking, and other kinds of social engineering attacks.
2. Use strong passwords. Encourage employees to use long, complicated passwords that are hard to crack and next to impossible to remember by heart. Employ the NordPass password manager to store and share passwords securely. This way, your employees won’t compromise your company’s security by sharing passwords in plain text or over unsecured Wi-Fi.
3. Protect data in the cloud. If you use the cloud for storage as well, make sure to protect the data you have in there. Using NordLocker to encrypt your files is a great way to start. You can learn more about cloud storage security here.
4. Protect data in transit. Get a VPN and encourage your employees to use it every time they connect to the cloud service. It will encrypt all traffic between their devices and the cloud and allow them to log in from anywhere in the world. As more and more people work remotely or on the go, a secure connection can be difficult to come by. Try NordLayer to solve this problem. It will help with whitelisting, as you will be able to control what IP addresses are allowed to access specific resources.

Stay secure and private with NordVPN. Try it now with a 30-day money-back guarantee.