by Ramona Carr

Top Challenges in Cloud Security for 2018

Cloud computing is a fast-growing, lucrative industry. The seven largest enterprise cloud vendors—Microsoft, Amazon, IBM, Salesforce, Oracle, SAP, and Google—posted a combined 2017 cloud revenue of $76.3 billion.

These earnings, combined with the sheer volume of data stored in the cloud naturally make cloud computing a target for cybercriminals. Sensitive data stored in the cloud is at risk if it isn’t secured properly.  Cloud security involves a broad set of regulations, technologies, and policies to protect data, applications, and the ever-expanding infrastructure of cloud computing.

Critical Challenges to Cloud Security in 2018

The Cloud Security Alliance (CSA) compiled comprehensive reporting on the top 12 threats to cloud security. Of the 12, there are five critical challenges we feel you must address right away. The following summary offers a roadmap to protecting your organization from the most common cloud security risks.

1. Data breaches

Small businesses and nonprofits often assume they are immune to data breaches. Large organizations tend to be overly-confident that they are protected against this risk. Unfortunately, the number and scope of data breaches is growing every year, and no company or industry is safe.

In the first six months of 2017, there were 791 data breaches reported – a 29 percent increase compared with the same period in 2016. The data loss has impacted organizations in every industry:

  • 55 percent occurred in the general business sector
  • 23 percent occurred in the healthcare industry
  • 10 percent occurred in the education sector
  • 6 percent occurred in the financial services industry
  • 6 percent occurred in the government/military

These are just a few of the incidents that were reported in 2017:

  • An Equifax breach exposed the sensitive personal data of more than 145 million people.
  • Hacking tools believed to originate with the National Security Agency (NSA) and the Central Intelligence Agency (CIA) were leaked to the public.
  • In her Congressional testimony, former Yahoo CEO Marissa Mayer stated that a 2013 data breach compromised three billion Yahoo user accounts – not the one billion figure originally reported.

While data breaches are not unique to cloud computing, these incidents have a devastating effect on cloud users. Billions of records were lost to data breaches in 2017, many of which involved cloud servers.


2. Inadequate Access Management

Even the most advanced cloud security can’t protect against theft when data thieves have system access. Unfortunately, unauthorized access is a significant issue. Organizations of every size demonstrate “a lack of scalable identity access management systems, failure to use multi-factor authentication, weak password use, and a lack of ongoing automated rotation of cryptographic keys, passwords and certificates,” making this one of the top five issues to address in 2018.


3. Spectre and Meltdown

One of the most alarming cloud security-related issues of 2018 was uncovered at the end of 2017. A flawed set of design features in most modern microprocessors has the potential to permit content to be read from memory through the use of malicious JavaScript code. These two design features have since been (ominously) named Spectre and Meltdown.

Spectre affects almost every system, including desktops, laptops, cloud servers, and smartphones. According to the CSA report, Meltdown affects cloud providers “which use Intel CPUs and Xen PV as virtualization without having patches applied. Furthermore, cloud providers without real hardware virtualization, relying on containers that share one kernel, such as Docker, LXC, or OpenVZ are affected.”


4. Data Loss

Accidents happen, and human error is inevitable. Even when actions are not malicious, data can be permanently lost if it is not backed up properly. CSA offers the following guidance to mitigate this risk:

Cloud consumers should review the contracted data loss provisions, ask about the redundancy of a provider’s solution, and understand which entity is responsible for data loss and under what conditions. Some providers offer solutions for geographic redundancy, data backup within the cloud, and premise-to-cloud backups. The risk of relying on the provider to store, backup and protect the data must be considered against handling that function in-house. The choice to do both may be made if data is highly critical.”


5. Denial of Service (DoS) attacks

DoS attacks are attacks meant to disable a machine or network, making it inaccessible to its intended users. The rise of cryptocurrency like Bitcoin and Ripple makes it possible for DoS attacks to happen more frequently. Through the use of cryptocurrency, cybercriminals no longer have to learn the necessary skills or have control over a botnet. They can simply pay another hacker through these funding methods to do the job for them.


Cloud Encryption Solutions

The necessity of protecting yourself against increasing threats to the cloud is a critical issue in 2018. Fortunately, there are effective, well-tested solutions available. For example, data encryption has been shown to dramatically reduce the likelihood of a data breach.

Since 2013, only 4 percent of data breaches have occurred where encryption was used. In the few cases where data was compromised, the stolen records were rendered useless by encryption tools. As a result, unauthorized parties were unable to use or sell the information.

Deploying encryption software in the cloud can reduce the likelihood of a data breach in the event of an attack.

Finally, cloud encryption can also mitigate the impact to an organization’s public image and reputation when a breach does occur. Per the General Data Protection Regulation (GDPR), companies using encryption aren’t required to file a report according to the 72-hour breach notification rule, and can avoid related penalties.

Learn more about high performance, scalable data encryption for the cloud and how it can reduce the risk for your organization with a free trial of our advanced encryption software.