As increasing amounts of data make their way to the cloud, the information security challenges around that data also increase. As we learned earlier this year at IBM Think, cloud security remains one of the top enterprise data concerns, especially with data growth outside of an organization’s data center. Cloud security weaknesses, therefore, are top of mind for nearly all enterprise IT teams today.
We estimate that companies storing file data on cloud services beyond their firewall will encounter a security breach within the next three years. That’s an important number and points to more than assumed risk – call it assured risk – that data can be compromised.
Cloud security will remain a challenge for businesses that fail to be pragmatic in their approach to migrating and securing their data. However, this assumed risk can be remediated before it ever happens with a little due diligence and preparation. Here are five common scenarios where data security can be compromised in the cloud:
Humans introduce the number one point of weakness into data center security. Not all breaches are committed by ‘bad people.’ Some of the biggest risk in cloud security comes from people who make honest mistakes. Information moves with relative ease to virtually anywhere in the world, which means that a simple mistaken push on the send button can send confidential information into the open domain. Leaky cloud buckets are a perfect example. Enterprise IT teams need to balance their investments of ‘keep out technology’, like firewalls, with ‘keep in technology’ such as classification, encryption, and rights management to ensure that information is protected from harmful dynamics in either direction.
At CTERA, we work with large enterprises around the globe that are aware that the most damaging breaches are not all from the outside – such as hackers. Sometimes the threat can come from the inside from malicious insiders, departing employees with a grudge, or from bad actors that have gained insider credentials and use them to the enterprise’s disadvantage. External file sharing permissions, watermarks, and other data loss prevention tools can protect your organization against these bad actors.
Weak Access Control
On a related note, weak access control is an issue that an organization may not be aware exists. Another one of the most common mistakes that companies allow is the sharing of user account details among colleagues. This offer users the ability to access areas of the company systems they would not otherwise have, and at the same time, also removes the ability to track and audit user activity to a specific person should there be any wayward behavior.
Every organization wants to realize the benefits of cloud technologies, but not at the expense of losing control over their data. Data loss in this instance, means accidental deletion of critical data on the cloud, or failure to scan old code for vulnerabilities. Our Enterprise File Services Platform provides organizations with a way to utilize the cloud behind their firewall, on their storage of choice. Our platform encrypts the data before it is sent to the cloud ensuring that data is never exposed or lost. With CTERA, no third party ever has access to your data, keys, or authentication, assuring security.
Shared Cloud Services
Some cloud solutions provide shared services and can present vulnerabilities when they fail to provide the necessary security between clients. This failure to segregate organizational data can lead to shared resources on a cloud. Threats can originate from other clients on the cloud introducing weakness and threats that can impact other clients. This is the fundamental reason CTERA’s platform is not only built to deploy on your own cloud, but also is multi-tenant, meaning you can segregate data by groups or data type, dependent on your organizational requirements.
Cloud security weaknesses should always be of concern, but they need not inevitably lead to organizational harm. If your cloud choices have left you wondering about your data’s security, get in touch with us or download our platform security architecture whitepaper today.