Security in Cloud Computing

Prathvi Kothari
5 min read · May 6, 2021

Security in the Cloud involves the processes and methods that secure cloud environments against both insider and external cybersecurity threats. Nowadays, Cloud technology has become a necessity for businesses and governments who are seeking to accelerate innovation and collaboration. Cloud Security and its management require the best strategies designed to prevent unauthorized access from current and emerging cybersecurity threats to keep data and applications secure in the cloud.

There are three primary types of cloud:

Public Cloud Services:

This is a type of service where the provider makes resources available to users over the public internet. It is mostly hosted by third-party cloud service providers and is generally accessed through web browsers, so identity management, authentication, and access control are essential for its security.

Private Clouds:

These are dedicated to, and accessible by, only a single company or organization. Even so, they remain vulnerable to access breaches, social engineering, and other types of exploits.

Hybrid Clouds:

They combine public and private clouds, giving companies more control over their resources and data than a public cloud while still offering the scalability and other benefits of the public cloud when needed.

Security Architecture based on Cloud Models:

1. IaaS: Deploying network packet brokers (NPBs) in an IaaS environment provides visibility into security issues within a cloud network. The NPBs direct traffic and feed the appropriate data to network performance management (NPM) and security tools. Along with deploying NPBs to gather wire data, enterprises should log that wire data to view issues occurring at the endpoints in the network.

IaaS models require these additional security features:

· Web application firewalls placed in front of a website to protect against malware.

· Virtual routers

· Intrusion detection and prevention systems (IDS/IPS)

· Network segmentation

2. SaaS: SaaS centrally hosts software and data that are accessible via a browser. The organization usually negotiates the terms of security ownership with the cloud service provider (CSP) in a legal contract.

A Cloud Access Security Broker (CASB) plays a critical role in discovering security issues in the SaaS cloud service model, as it audits, logs, provides access control, and often includes encryption capabilities.

SaaS security features include:

· Logging

· IP restrictions

· API gateways

3. PaaS: You need not buy and manage the underlying hardware and software or provision the hosting capabilities. You just deploy the applications and the rest is taken care of.

In the PaaS cloud service model the majority of security is provided by the CSP. However, the security of the application itself rests with the enterprise.

The components essential to secure the PaaS include:

· Logging

· IP restrictions

· API gateways

· CASB

(figure 1 — Security Compliances)

Some Key technologies in Cloud Security:

Encryption: It is a method of converting clear data into an unreadable format so that only authorized people can read the information. If multi-cloud or hybrid cloud environments are connected at the network layer, a VPN can encrypt traffic between them; if they are connected at the application layer, SSL/TLS should be used. SSL/TLS should also encrypt traffic between a cloud and a user.

Identity and access management (IAM): IAM tracks users and assigns them permissions; it denies access to unauthorized users and authorizes authentic users as necessary. IAM is very important in the cloud because it is the user’s identity and access privileges, not the user’s device or location, that determine whether they can access data.

The right IAM solution will help mitigate several kinds of attacks, including insider attacks (when an employee or user abuses their access in order to expose data) and account takeover.

IAM may be delivered as several different services or as a single service that combines all of the following capabilities:

• Identity providers (IdP) authenticate user identity

• Single sign-on (SSO) services help authenticate user identities for multiple applications so that users only have to sign in once to access all their cloud services

• Multi-factor authentication (MFA) improves the user authentication process

• Access control services restrict unauthorized user access
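As an added example (not code from the original post), a minimal policy evaluator in the style of cloud IAM, covering the access-control and MFA capabilities listed above and the IP restrictions listed under SaaS and PaaS. The principals, actions, resources and address range are hypothetical.

```python
# Illustration of cloud-style IAM decisions (hypothetical, not any vendor's engine):
# default deny, an explicit Deny beats any Allow, and per-statement MFA/IP conditions.
from dataclasses import dataclass, field
from fnmatch import fnmatchcase
from ipaddress import ip_address, ip_network

@dataclass
class Statement:
    effect: str                 # "Allow" or "Deny"
    actions: list               # action patterns such as "storage:Get*"
    resources: list             # resource patterns such as "bucket/reports/*"
    require_mfa: bool = False   # condition: caller must have completed MFA
    source_cidrs: list = field(default_factory=list)  # condition: IP allow-list

def statement_applies(stmt, action, resource, mfa_passed, source_ip):
    """A statement applies only if action, resource and every condition match."""
    if not any(fnmatchcase(action, a) for a in stmt.actions):
        return False
    if not any(fnmatchcase(resource, r) for r in stmt.resources):
        return False
    if stmt.require_mfa and not mfa_passed:
        return False
    if stmt.source_cidrs:
        ip = ip_address(source_ip)
        if not any(ip in ip_network(c) for c in stmt.source_cidrs):
            return False
    return True

def evaluate(policies, principal, action, resource, mfa_passed=False, source_ip="0.0.0.0"):
    """Return "Allow" or "Deny" for a request, using the principal's attached statements."""
    decision = "Deny"                   # default deny: if nothing allows, no access
    for stmt in policies.get(principal, []):
        if not statement_applies(stmt, action, resource, mfa_passed, source_ip):
            continue
        if stmt.effect == "Deny":       # an explicit deny is final
            return "Deny"
        decision = "Allow"
    return decision

# Constructed sample policies with hypothetical principals, actions and resources.
SAMPLE_POLICIES = {
    "analyst": [
        Statement("Allow", ["storage:Get*"], ["bucket/reports/*"]),
        Statement("Allow", ["storage:Delete*"], ["bucket/reports/*"], require_mfa=True),
        Statement("Deny", ["storage:*"], ["bucket/reports/payroll/*"]),
    ],
    # SaaS-style IP restriction: admin actions only from one documentation range
    "admin-api": [Statement("Allow", ["admin:*"], ["*"], source_cidrs=["203.0.113.0/24"])],
}
```

Note that the device and location never enter the decision for the analyst; only the MFA state and the identity's attached statements do.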

Firewall: A firewall in the cloud provides a layer of protection around your data and assets in the cloud by blocking malicious traffic from the internet. While traditional firewalls are hosted on-premises and defend the network perimeter, cloud firewalls are hosted in the cloud and form a virtual security barrier around cloud infrastructure. Most web application firewalls fall into this category.

(figure 2— Security Practices)

Cloud Security Best Practices:

· Securely manage your data

· Implement Endpoint Security

· Carefully choose the cloud vendors

· Monitor and prevent

· Conduct due diligence

· Implement IDPS

· Define Cloud Usage policies for all employees

· Maintain a safe list

· Trust users, but verify

· Regulatory compliance boosts security

Cloud Computing Security Issues and Challenges:

Data Protection in the cloud: Organizations that move their data to the cloud no longer have physical access to the servers that hold it.

Lack of visibility: The lack of visibility means that the organization cannot efficiently aggregate or collect information about the security status of infrastructure and applications that are deployed in the cloud.

Lack of Control over Cloud Infrastructure Security: When an organization deploys its infrastructure on the cloud, it loses control over how that infrastructure is deployed, managed, and configured.

Lack of Transparency Between Business and Cloud Service Provider: The organization cannot be sure that its data has not been replicated and stored on an unsecured server.

Physical Security:

The physical hardware that runs the cloud environment represents one last opportunity for hackers and industrial spies to access and steal your important data. With direct access to the hardware that runs the cloud, they could easily steal data or upload malware directly to your systems. Hackers should never have this opportunity.

Tier IV data centers help protect cloud environments by restricting access to the physical systems that run the cloud environment. Measures used in a secure Tier IV facility include the following:

· Armed security patrols

· Controlled access checkpoints with biometric security controls

· 24/7 CCTV monitoring

These security measures are critical for keeping unauthorized users from directly accessing the hardware that runs your cloud.
