Thursday, 13 October 2022

Securing the data in the cloud- a critical aspect of Cloud Security

The digital lifestyle of today is not only adopted by the young in metros but across regions and among all age groups, not for only entertainment, but shopping, bank transactions, games, healthcare, education, and more. More importantly, digital transformation has become the mantra that is driving new business models at organizations of all sizes.  Massive amounts of data generated across all industry verticals with digital technologies pervading everywhere have brought about several business benefits to organizations.

It is here the cloud is playing a key role with its limitless storage and computing resources.  Organizations are experiencing several benefits of adopting the cloud, such as cost reduction, high speed, flexibility and scalability, mobility, collaboration, rapid deployment, delivering a competitive edge, and more.  Gartner says by 2025, 51% of IT spending in key market segments of application software, infrastructure software, business process services, and system infrastructure markets will have shifted from traditional solutions to the public cloud, compared to 41% in 2022. 

Cloud security and the shared-responsibility model

Some organizations are just about to start their cloud migration journey while others are adopting advanced multi-cloud and hybrid cloud strategies already.  Irrespective of the stage they are in, digital transformation and cloud adoption have stretched the IT and network infrastructures leading to the expansion of the threat landscape.  Yes, with more businesses migrating to the cloud, cybercriminals are also shifting their focus there, putting cloud security on high priority for businesses.  The lapse in cloud security can lead to productivity, reputation, revenue, and customer losses.  In addition to preventing breaches and data loss, securing the cloud helps in meeting regulatory and compliance requirements, while ensuring business continuity.

Protecting the cloud infrastructure, data, and applications from threats by leveraging technologies, services, security mechanisms, policies, and controls come under the umbrella of cloud security.

Cloud security follows a shared responsibility model, where the Cloud Service Provider (CSP) takes the responsibility of ensuring the cloud infrastructure is reliable and secure.  The host operating system and the virtualization layer are managed and controlled by them.  The CSPs are responsible for the servers and storage.  Customers, on the other hand, have to manage the security of the network infrastructure, business application management, and guest operating system, besides business and customer data. 

Data security in Cloud is critical

Just because your data is in the cloud, it does not necessarily be safe.  At the outset, the IT security teams have to ensure the visibility and monitoring of the entire infrastructure.  Depending on the kind of data and its degree of sensitivity, cloud architecture, accessibility to the different security tools, and different categories of authorized users, one can follow the relevant measures in securing the data in the cloud.  The IT security team has to encrypt data-in-transit, data-at-rest, and the processing data. 

To ensure only relevant users have access to the cloud data, Identity and Access Management (IAM) technology has to be implemented.  Multi-factor authentication (MFA) helps in mitigating the risk of compromised credentials. Cloud-edge security solutions such as firewalls have to be adopted.  Cloud data should be backed up where three copies are made, isolated, and stored in different media with one copy stored offsite.  Data access and any related changes to it must be continuously monitored. 

Cloud-specific models for data security include Secure Access Service Edge (SASE), Zero-trust network access (ZTNA), Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPPs), and Cloud Access Security Brokers (CASBs). 

Now, AI for IT operations (AIOps) and Network Detection and Response (NDR) are some of the other tools that are considered to secure data.

CIA (Confidentiality, Integrity, and Availability) triad, which are the core principles that form the basis of security systems and data governance can also be applied to securing the data on the cloud.  Organizations should also ensure they follow cloud security best practices for enhanced data protection on the cloud.

This article has been written by Rahul S Kurkure, Founder and Director of Cloud.in.

No comments:

Post a Comment

AWS CodeGuru Elevating Code Security

  Security and code quality are paramount in today’s fast-paced software development landscape. As the cornerstone of DevSecOps, Static Appl...