Credit: ID 116321570 © Pumai Vittayanukorn | Dreamstime.com
How safe is your data? Is it at more or less risk when it’s in the cloud? These are the questions keeping security professionals awake at night. And, while many organisations believe their data won’t be compromised within a cloud infrastructure, the statistics say they’re wrong. Public cloud is fuelling a new wave of attacks, in fact when Sophos conducted a study across Amazon Web Services (AWS) data centres, the results demonstrated how fast cyber criminals are acting online.
Just how at risk is public cloud?
Using cloud honeypots – systems intended to mimic likely targets of cyber attackers – security researchers can monitor for criminal behaviour. When Sophos dropped honeypots in 10 of the most popular AWS data centres in the world, it took less than a minute (52 seconds) for one of the honeypots to be attacked. On average, each honeypot was hit by 13 attempted attacks per minute over a 30-day period.
The research reveals that cybercriminals are actively scanning for weak or open cloud buckets they can exploit. What’s more, they are most likely using automation tools for fast results. This is not to say that organisations are automatically at risk using public cloud. However, the research brings to light just how important it is for organisations to secure their data to successfully enjoy all the benefits that public cloud computing provides. Organisations should focus on smart visibility, compliance and AI-based monitoring.
Be prepared with smart visibility
Having visibility into an organisation’s cloud infrastructure will allow IT teams to highlight security issues and enable them to respond and remediate risks in minutes. Once in place, the cloud infrastructure will also be monitored meaning IT will have a full view of the environment.
Having full visibility is vital, as it allows organisations to identify any issues as and when they occur, leading to necessary action being taken. This can include isolating any breaches to stop them from spreading throughout the network.
Avoid sticky fingers when it comes to compliance
Remaining compliant with local and international legislation is a top priority for organisations and thankfully there are solutions that assist in doing so. These solutions highlight what is needed to maintain continuous compliance by using the power of AI and automation. These tools can also help IT to prioritise tasks, allowing them to assign tickets, alerting developers to what needs to be fixed as a matter of urgency. It simplifies the process for the IT team, so they’re able to focus their attention on other more business-focused tasks.
Find your sweet-spot with AI-based monitoring
Often, issues in a network are detected due to increased use of CPU power and/or anomalies in normal traffic patterns. With AI-based monitoring, the system will automatically create a baseline of normal traffic patterns and notify the admin of any changes. This includes unusual behaviours, such as an employee who usually logs in from Australia doing so from the UK, despite being online in Australia only a few hours ago. This indicates that something is not right and that a perpetrator is likely trying to gain access.
As an organisation, it’s important to think about the data that you put onto the public cloud and understand the risks in doing so. As shown in Sophos’ study, hackers are always active online and looking for targets they can exploit. While using the public cloud comes with its own set of risks that can’t be eliminated, organisations should still be taking the necessary steps to reduce the likelihood their data will be compromised.