What is cloud security?
Cloud security is the set of security policies, controls, checks and other solutions that protect cloud data, applications, APIs and your overall infrastructure from security risks.
Cloud and security flaws
Cloud means increased exposure
Cloud computing is increasingly popular and widely adopted because of benefits such as scaling and affordability. However, it also brings a host of potential threats.
DDoS Attack
Volumetric DDoS attacks continue to be highly prevalent, and both the attack size and the sophistication of attackers are increasing. In such an attack, attackers send a high influx of malicious traffic to an application or API, completely overwhelming its bandwidth capabilities and thus blocking critical services for its users. This has a huge impact on the company’s bottom line. You therefore need an advanced DDoS detection system and protection technology to lessen the impact of such attacks on your network, digital assets, business and customers.
Application layer attacks
Application layer attacks can cause a lot of damage as well. As the name suggests, the attack traffic targets the application layer, or layer 7 of the Open Systems Interconnection (OSI) model, which supports your cloud environment, by imitating users’ traffic behavior. The traffic therefore appears legitimate and is tough to detect. The targeted applications could be the ones you built on the cloud environment or applications provided by a third-party vendor. When combined, DDoS attacks and application layer attacks can compromise your entire infrastructure. You need a cloud provider with a strong DDoS detection system to help you mitigate such security risks.
How to secure and protect Cloud Computing?
Security of private, public and hybrid clouds
Even though public clouds offer more flexibility, many organizations prefer a private cloud environment to public clouds or hybrid cloud infrastructure. However, private cloud has its own risks. For example, an attacker could exploit a vulnerability, gain access to the hypervisor and the overall system, and attack the neighboring virtual machines installed on its host server. People with a public cloud setup are also susceptible to such vulnerabilities in their infrastructure. However, Amazon, Microsoft or Google offer a quicker response to mitigate such risks and are better equipped for your hypervisors’ security.
Cloud security breach and loss of data
Users need to log in to access the resources on the cloud platform. This calls for successful authentication and authorization of the user. An attacker could manipulate the registration details and gain unwanted access to the cloud infrastructure. You need to ensure that your system does not fall into the wrong hands. To prevent such issues, you need an identity and access management (IAM) framework in place that provides functionalities like web single sign-on (Web SSO). However, a poorly configured IAM may allow an unauthorized user (a malicious insider, or anyone benefiting from a misconfiguration) to instantiate prohibited resources. This could further lead to accidental infrastructure costs and rogue instances committing breaches all over the infrastructure. Role management is error-prone, opens new attack surfaces and can be a time-consuming affair. That is why an IAM is important when you configure your applications, to give users precise rights to access only what they really need (parts of the network, storage locations, etc.). This approach could be enhanced further by defining certain rules based on these roles.
Unforeseen incidents like billing attacks
Serverless applications are recommended for automating repetitive tasks and improving overall productivity. Serverless allows you to write code and run it in response to a trigger, without having to worry about managing any virtual machines or containers, scaling, etc. For example, AWS hosts the developers’ code, creates the virtual machines and scales automatically, so that you do not have to manage the infrastructure at all and can focus on your other business priorities. It is truly the next generation cloud. However, it can be costly to operate applications with a serverless architecture. Let’s say a customer wants to upload a profile picture on your website. Once the image is uploaded, the serverless routine resizes it automatically. In such a scenario, instead of a classical DDoS attack, the attacker creates hundreds of false accounts and changes the profile picture in each account multiple times within a second. If each execution costs you at least a few cents, you can see how quickly the total costs would escalate. To give an idea, if you pay EUR 100 per month for classical traffic and the attack costs you EUR 100, the total costs could go up to EUR 10,000 per month.
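One way to bound the cost of the profile-picture scenario above is to gate the resize trigger with a per-account rate limit and a hard spend ceiling. This is an added example, not code from Rohde & Schwarz or any cloud provider; the class and function names, prices, limits and sample uploads are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# All values below are assumptions for illustration, not figures from the page.
COST_CENTS = 2          # assumed price of one resize execution (EUR cents)
MAX_RUNS = 3            # assumed resizes allowed per account per window
WINDOW_SECONDS = 60


class ResizeGuard:
    """Decides whether an upload may trigger the paid resize function."""

    def __init__(self, budget_cents=10_000):
        self.budget_cents = budget_cents      # hard ceiling on function spend
        self.spent_cents = 0
        self.recent = defaultdict(deque)      # account -> times of allowed runs
        self.denied = defaultdict(int)        # account -> rejected attempts

    def allow(self, account, ts):
        window = self.recent[account]
        while window and ts - window[0] >= WINDOW_SECONDS:
            window.popleft()                  # forget runs outside the window
        over_rate = len(window) >= MAX_RUNS
        over_budget = self.spent_cents + COST_CENTS > self.budget_cents
        if over_rate or over_budget:
            self.denied[account] += 1
            return False
        window.append(ts)
        self.spent_cents += COST_CENTS
        return True


def replay(events, budget_cents=10_000):
    """Replay (timestamp, account) uploads: allowed, spend, unguarded spend, denials."""
    guard = ResizeGuard(budget_cents)
    allowed = sum(guard.allow(account, ts) for ts, account in sorted(events))
    return allowed, guard.spent_cents, len(events) * COST_CENTS, dict(guard.denied)


def sample_events():
    """Constructed input: 2 normal users plus 200 fake accounts, 10 uploads each in 1 s."""
    events = [(0.0, "alice"), (30.0, "bob")]
    for n in range(200):
        events += [(k * 0.1, f"fake{n}") for k in range(10)]
    return events


if __name__ == "__main__":
    print(replay(sample_events())[:3])
```

The per-account limit only caps repeated uploads from one account; the budget ceiling is the backstop against many accounts, and once it is reached legitimate uploads are refused too, so the denial counts should feed an alert.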
Compliance is not equal to security
There are stringent data and regulatory compliance requirements that need to be met by cloud providers in different industries. Since cloud computing influences many industries, it is important to have compliance programs in place in order to address the various security risks it imposes on the respective consumers. Cloud providers need to meet the protection standards set by HIPAA, the General Data Protection Regulation (GDPR, a privacy protection standard for the EU), and the Payment Card Industry Data Security Standard (PCI DSS) to provide customers the protection they deserve. Complying with GDPR, as per the Schrems II ruling, is necessary in order to avoid high penalties, equivalent to 4% of the global turnover of the company. It is advisable to use an EU-based cloud provider that is not subject to overseas laws in order to ensure your data protection in the cloud. You will be solely responsible for this decision. However, attackers can negatively affect the compliance programs too. The need for safety practices and safety standards in security management in the cloud is ever increasing.
Solutions to secure applications hosted in the cloud
Rohde & Schwarz Cybersecurity management solutions address the various challenges pertaining to cloud specific security. Here are some additional advantages.
R&S®Web Application Firewall (on-premises)
- It allows centralized log management and reporting directly in a SaaS platform – ideal for enterprises that prefer on-premises deployment for compliance or security management reasons
- Web apps & API security controls based on reverse proxy
- Visual design of security policies & management of in/out traffic
- Optimized TCO in both build and run phases & DevOps-oriented
- Adaptive approach based on Behavior Analysis & IP Reputation
- Advanced monitoring of security, performance and web workload
R&S®Web Application Firewall (Cloud-hosted)
The classical R&S®Web Application Firewall can be deployed in the cloud marketplace too. It is very easy to set up and instantiate and has all the advantages of the on-premises version.
R&S®Cloud Protector (WAF-as-a-Service)
It is ideal for enterprises that want to rely entirely on Software-as-a-Service deployment in the cloud to be as flexible as possible. Unlike with the cloud-hosted version, you do not have to manage the software updates for this one.
- Application security engines of R&S®Web Application Firewall, embedded in a WAF-as-a-Service
- Best balance between high-level security & ease of use thanks to predefined policies
- High availability and performance of applications
- Subscription based on usage with a vendor managed service
- Trustworthy, sovereign, European solution