How Cloud Platforms Protect Themselves From Security Threats

How Cloud Platforms Protect Themselves From Security Threats

How Cloud Platforms Protect Themselves From Security Threats

An estimated 79 percent of companies are already either operating in a cloud environment or preparing to do so, according to CloudPassage’s Cloud Security 2016 Spotlight Report. Companies agree the cloud delivers unparalleled benefits, including freed-up space, cost reduction and flexible scalability.

However, security remains a barrier to full-scale cloud adoption. Here’s a look at how informed professionals are at protecting their companies on the cloud and what steps you can take to safeguard your information.

Multi-Factor Authentication

Used by 45 percent of organizations, multi-factor authentication is the most popular cloud security control. Meantime, 35 percent of organizations include among their most effective controls single sign-on user authentication, where multi-factor authentication is combined with the use of a single set of credentials that enables users to access multiple applications. This combination has several advantages.

Because users only have to remember one password, they can use a single, sophisticated password, which removes the temptation to write it down and the password getting in the wrong hands. SSO also makes it easier to track security breaches by creating a single audit trail documenting the source and nature of the breach. By the same token, IT departments can more easily shut down compromised accounts by deleting a single set of credentials.

The main vulnerability of SSO, however, is that if the authentication process gets compromised, the intruder can access all applications. This makes protecting the integrity of the authentication process crucial. Leading corporate SSO solutions combine SSO with multi-factor authentication tools such as one-time password tokens, biometric identification, smartcards or radio badges. Some smaller businesses use password managers, which store encrypted passwords in a file that can be accessed through one set of credentials.

Encryption and Tokenization

The next most popular cloud security controls are encryption and tokenization. Encryption is also considered the most effective security control. Data encryption is cited by 65 percent of organizationa as among their most effective controls, followed by network encryption at 57 percent.

Encryption uses a cipher to encode information so that it cannot be read by a party without the decoding key. For instance, online data backup service Mozy provides military-grade encryption by using a 256-bit AES key to encode files before sending them through a secure SSL connection. Without the encryption key, it’s practically impossible to decipher such a complex code. A strongly-encrypted transmission is only vulnerable if its cipher is stolen.

security threats, cloud security, cloud computing security
Security remains a barrier to full-scale cloud adoption. How informed professionals are at protecting their companies on the cloud.

Encryption and tokenization each have strengths and weaknesses that make them appropriate for different situations. Encryption can be scaled to data of any size, can be used for both structured and unstructured information and is usually used with data leaving or entering an organization.

Meantime, tokenization provides somewhat stronger security, but does not work well with large databases or unstructured information. With that in mind, tokenization is best for small structured fields, such as credit card or Social Security numbers. It’s usually used within an organization due to the need for access to a mapping database.

Intrusion Detection and Prevention

Intrusion detection and prevention is the third most popular cloud security control used by organizations. After data and network encryption, it also cited as the third most effective security measure. Intrusion detection systems monitor networks for activities that either display patterns of known threats, like malware, or deviate from patterns of normal traffic. When a threat is detected, it can then be stored for monitoring or reported to an administrator. Intrusion prevention systems block threats as well as detect them.

Roy Rasmussen

Roy Rasmussen, coauthor of Publishing for Publicity, is a freelance copywriter who helps small businesses get more customers and make more sales. His specialty is helping experts reach their target market with a focused sales message. His most recent projects include books on cloud computing, small business management, sales, business coaching, social media marketing, and career planning.


How Technology is Reshaping Future Car Design

How Technology is Reshaping Future Car Design

Apple CEO Tim Cook announced this month that his company is developing self-driving cars, confirming rumors that ha