Today’s forecast for data backups: mostly cloudy with a chance of being hacked, scattered malware infections, but later becoming more secure after taking better precautions.

And there’s your trouble… not enough of the right precautions.

Fortunately, the Cloud Security Alliance (CSA) are on top of this. They’re ‘the world’s leading organisation dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.’ Here’s a summary of what they reckon you should be addressing first (read here for the full report) – it’s known as the Notorious Nine:

1. It’s certainly the greatest threat to data security. Since your backup data is in the hands of the cloud service provider, a lot of trust is placed in that relationship. The agreement with both your cloud service provider and your backup service provider needs to ensure that measures to protect against accidental deletion and unauthorised access are in place and that some form of redundancy exists to protect against data loss.

Your company’s confidential information can accidentally or deliberately be read by an unauthorised third party. When your cloud backup server is on a shared platform that was not designed for multi-tenancy, other tenants could gain access to your databases. The easiest way to mitigate this is by encrypting your cloud backups in transit across the network and also at rest in the backup server database.

When someone hijacks your accounts it’s because they got hold of your credentials, either through phishing, cross-site scripting, or social engineering techniques. Once this has happened, who knows what the perpetrators will get up to? Take control of your backup accounts by not sharing accounts between employees, not re-using credentials across accounts, and also by implementing two-factor authentication as part of the log-on/sign-in process.

Unsecured interfaces and APIs

APIs provide greater flexibility in implementing a backup solution and also allow greater automation capabilities. However, with a solution that is so integrated with third parties, some control is inadvertently relinquished. This can make the data being transferred vulnerable to network eavesdropping and manipulation. Here, the CSA recommends, ‘…it is critical for consumers of those services to understand the security implications associated with the usage, management, orchestration and monitoring of cloud services.’

5. Denial of Service

Denial-of-service attacks, more commonly known as DDoS (distributed denial-of-service) attacks, are nothing new, and you’ll know you’re being targeted when your IT systems seem to come to a grinding halt. Since this degradation in performance is caused by the attacker consuming as many computing resources as are available, it can leave you unable to access valuable backups, or you might get billed by your cloud service provider for processing you never intended. The Cloud Controls Matrix (CCM) has four controls to help mitigate this threat: IS-04, OP-03, RS-07 and SA-04, which have to do with resource planning and application security.

These include current as well as former employees, or any other business partner with confidential knowledge of your business. A malicious insider can leave your business especially vulnerable since they usually know which data security measures to circumvent. Better IT policies around credential and role management will help prevent unauthorised access to your backup data.

Since your cloud backups make use of services that give you access to vast amounts of computing power, this power can be abused if it falls into the wrong hands, such as constructing a denial-of-service attack or trying to brute-force crack an encryption key. Remedial recommendations can be found under CCM controls IS-24 and IS-26, which help define the legal parameters of the abuse and also describe an ‘acceptable use’ policy.

Insufficient due diligence

Cloud services are inherently complex in their hardware and software configurations.