How Do I Plan For A Secure Cloud Environment?
Randy Mizzoni, Senior Vice President, Sales & Marketing
February 16, 2021
One of the most common questions I am always asked about cloud-based systems is how to keep my data secure? There is a common feeling amongst many senior executives that if they keep all their systems in-house then they must logically be more secure than transferring all that data into the cloud.
Naturally I would disagree, but that is because I have spent years working on these systems – and on many in-house networks. I know that data security flaws and failures can exist on every different kind of system. The best approach is to know where your main weaknesses are located, so you can mitigate the risk.
How do most cloud security breaches occur? This recent research published by the security expert Graham Cluley has some good observations:
- 80.7% of organizations have at least one neglected internet-facing workload － meaning it’s running an unsupported operating system or has remained unpatched for 180 days or more.
- Authentication issues are also commonplace, with 5.3% of organizations having at least one workload accessible using either a weak or leaked password; 23.5% of organizations aren’t using multi-factor authentication to protect one of their cloud account’s root, super admin users; and 19.3% of organizations have at least one internet-facing asset accessible by way of non-corporate credentials.
- Almost half the organizations (43.9%) have internet-facing workloads containing secrets and credentials, posing a risk of lateral movement.
- The security of internal workloads is much worse than frontline workloads, with 77.2% of organizations having 10% or more of their internal workloads in a neglected security state－meaning the OS is unsupported or unpatched.
This is worrying, but it is clear that the same problem causes most breaches of cloud infrastructure. A neglected and unchecked workload is connected to the Internet and allows an initial breach that then results in lateral movement inside the organization – which is made easier by many internal processes not being protected.
Each of these issues can be addressed individually. You don’t leave workloads neglected, you build better internal security so any breach cannot move beyond the initial access, you don’t store confidential information on Internet-facing systems. It’s a focus on building the culture and process of security that a partner like WatServ can manage for you – this is what we do every day.
Other recent research found that 91% of companies increased their data security by moving to a cloud-based solution. This demonstrates the flip-side of the fears. Working with a cloud can be much more secure, not least because the change in approach allows you the opportunity to design new policies and controls. It is the lack of these policies and controls that often lead to data breaches.
The bottom line is that there is no single solution that can offer 100% bullet-proof security, however it is clear that once companies move to a cloud-based approach they are generally more secure because they start taking the controls more seriously. Working with a partner who can help you avoid the pitfalls listed in the bullet points is essential – these are the mistakes you want to avoid from day one.
What is your view on cloud security? Are you still concerned that moving to a cloud would leave you exposed and what are the data security protocols that you have right now that you feel are better than a cloud approach? Please send me a direct message on LinkedIn if you’d like to discuss this further. Would love to hear your thoughts.
WatServ demonstrates best-in-class capability and market leadership through proven technology and customer commitment.
WatServ is an IT solutions provider that helps clients digitally transform their business through cloud technologies and services. Founded in 2006, WatServ specializes in providing hybrid and multi-cloud solutions and hosting complex, high-availability environments for enterprise-level applications. WatServ’s unique approach to planning, migrating and managing multi-cloud environments, plus premium 24x7x365 support, enables its global customers to focus on their core business. Relying on Microsoft and Google’s public clouds, in addition to its own private cloud, the company offers an ideal managed cloud environment engineered for security, reliability and performance. With offices in Canada and the United States, and with 1000’s of users connecting from around the world, WatServ is always on. For more information, please visit www.watserv.com.
WatServ is an affiliate of Brookfield Business Partners (BBU), a public company with majority ownership by Brookfield Asset Management Inc. and listed on the New York and Toronto Stock Exchange. More information about BBU is available at www.brookfield.com.