Four Key Elements of Cloud Security You Need to Have

Between 2020 and 2021, the rate of small businesses data breaches skyrocketed. In 2020, 12% of Canadian SMBs reported experiencing a data breach, and in 2021 that number jumped to 50% being breached.

This is an alarming trend, and a big reason for it is that many companies of all sizes, and especially small and mid-sized companies, moved much of their workflow to the cloud during the pandemic.

Statistics on global data breaches bear this out. According to IBM security’s Cost of a Data Breach Report, cloud credential compromise has become the number one cause of data breaches. 

As SMBs have moved their data and processes to cloud-based platforms, they often neglect the basics of cloud security. They may believe that the security is handled by the cloud provider, and this is only partially true.

Cloud providers like Microsoft, Google, and AWS, ensure their platforms and cloud data centers are secure. However, it’s up to the customer to ensure they have configured the security correctly for their needs and that user logins are protected. It’s a shared responsibility model.

To ensure you’re not one of those businesses suffering the next breach of one of your user accounts, it’s important to put some basics of cloud security in place.

Here are the four key elements you need to have. 

Access Security

As mentioned, credential theft has become the main cause of data breaches globally, and stealing user credentials is also the goal of a majority of phishing attacks.

If a cybercriminal can log in to one of your cloud accounts as a user – especially a user with administrative permissions – they can access quite a lot of your data and resources. They can also bypass security systems because they’re seen as a legitimate user.

Access security is vital to ensuring you don’t suffer an insider attack through a stolen password. Some of the basic tenants to put in place to improve cloud access security are:

  • Multi-factor authentication (MFA) 
  • Require use of strong passwords
  • Password manager to ensure passwords are being stored responsibly
  • Cloud access security broker to monitor logins of all cloud accounts

Tailored Cloud Configuration

10% of data breaches are caused by misconfiguration. This is when a cloud account’s security settings are not properly configured to protect data or prevent a malware infection.

For example, not enabling safeguards for phishing in a business email system and leaving cloud storage folders as “public” instead of making them private, are both examples of misconfiguration.

This generally happens because small businesses don’t realize they need to do anything with their cloud platform security, and they leave it at the default settings.

It’s important when you sign up for any new cloud software that you speak with your IT provider and have them tailor your cloud security settings as one of the first things done before you start using the account.

Endpoint Device Security

Cloud platforms aren’t only breached online, a computer or mobile device can also be used as a conduit to get through to a cloud account.

Mobile malware has become prevalent and is often hidden in free apps you might find in an app store. These apps do what they say, but they are also a trojan horse for dangerous malware.

Some malware allows a hacker to gain access to a device. Once that is done, they can often access employee accounts that have a persistent sign-in or a saved browser password. This means, they don’t even have to know the password to get in, they just use the stored login the employee uses on their device. 

It’s vital that you have endpoint protection and monitoring in place to ensure only authorized devices can connect to your data and that devices themselves have physical protections.

Some of the security tactics you should be using to protect devices from being used to breach your network are:

  • Endpoint / mobile device manager (such as Microsoft Intune)
  • Monitoring of all mobile devices 
  • Safe listing, so no unapproved devices can connect to your assets
  • Physical protections like screen locks and remote lock/wipe capabilities
  • Mobile anti-malware

Data Backup & Recovery

Are you currently backing up all data in your cloud accounts in a separate backup and recovery system? Many SMBs aren’t because they don’t realize that cloud storage is not the same thing as cloud backup.

Cloud providers like Microsoft recommend backing up your data in a 3rd party system. Microsoft’s Services Agreement states, “We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”

Cloud storage can and is hit by ransomware attacks. It can also suffer from data being deleted, either accidentally or maliciously. You must keep this data backed up so it can be restored completely if needed.

Get Help Securing Your Cloud Environment Today!

Haxxess can help your Northern Ontario business ensure your cloud environment is properly safeguarded so you’re not left vulnerable to the rise in cloud-based attacks.

Contact us today to schedule a free consultation! Call 705-222-8324 or reach out online.

stay in touch

Subscribe to our newsletter and we'll keep you informed about latest IT news.