Every day more organizations are moving their operation to the cloud. This means most, if not all, of their data is also accessible in the cloud. This makes the cloud more interesting for cloud hackers. Most security issues arise from credential theft and weak spots in cloud security. The importance of sufficient cloud security is becoming more important than ever. When we look at AWS cloud security, there are five big threats to keep in mind:
#1 Lacking password management
If the cloud is your kingdom, passwords and credentials are the key to getting into it. Credentials grant you access to all kinds of exploitable data. They are an absolute goldmine for anyone with bad intentions. Research shows that over 50% of users use the same password for almost all of their accounts. That means that theoretically half of the people who can access your cloud infrastructure, do it with the same password they use for their Facebook or Google account. The moment the big players suffer a data leak, hackers can use those passwords to try to get into all of the users’ other accounts, including your organization’s cloud data.
Preventing this data breach starts with setting the right password rules. Think about password length and more complex requirements such as including numbers and symbols. Users will now be obligated to choose a strong password. To avoid the reuse of passwords, you need to be able to remember them all, a seemingly impossible feat. But that’s where a good password manager comes in. So educate your users in good password management, and practice what you preach!
#2 Insufficient encryption
Traffic and data encryption creates trust among approved users. It makes it possible to work efficiently without any security risks. Sending forms, files and data through encrypted channels protects your data, your users and your company. We call this encryption in transit. Encryption is also an essential part of secure data storage. You cannot afford any weak links in the protection of sensitive data. We call this encryption at rest. Be sure to prioritize data and traffic encryption in your AWS cloud setup.
#3 Insider threat
As much as you train and educate your users, sometimes they still may unintentionally cause your cloud security to be at risk. By installing an unauthorized extension to their browser or too many failed login attempts, for example. You need to be able to pick up on unusual network activity like this in order to follow up with the user in question or snuff out an actual security threat. That requires consistent real time monitoring, logging and archiving those logs on encrypted storage. Ensure that you set up a variety of monitoring alerts that notify you of any aberrant behavior.
No less than 90% of system breaches start with users opening a phishing email, waich they are shown to do in about 30% of cases. There are two things you can do to get those numbers down. First of all, train your users in recognizing phishing attempts and teach them to report these to your security team. Secondly, protect your AWS root account. You can do this by enabling multi-factor authentication. Also, make sure the root account isn’t linked to any personal or external accounts. The next step would be to use a multiple AWS account strategy. By doing this, not all of your assets will be at risk when one of them is compromised.
#5 Not planning ahead
No matter how well you set up your cloud environment, things will go wrong. Accidents will happen. Unforeseen issues will arise. That’s a normal part of working in evolving technologies. But what it all comes down to at a moment like that is having an adequate incident recovery plan. Essentially, that means you imagine every worst-case scenario beforehand and create a plan for how you will handle it, should it come to that. That way, even if you are faced with a security issue, you will know exactly what to do and be able to minimize your downtime as well as any loss of data, resources and time.
Do you want to exchange ideas about how well-prepared your organization is for cloud related security threats? Get in touch with Cloudar, an official Next Generation AWS Managed Service Provider Partner.