Organizations of all sizes are increasingly adopting cloud technologies. While moving to the cloud leads to higher productivity, improved scalability, easier collaboration and more, it also introduces a new set of security challenges.
First, we’ll dive into a few examples of why cloud applications are being targeted. Next, we will go through a few of the different security risks associated with all cloud applications. Then, we explore what security controls can reduce the risks and prevent attacks associated with moving your organization to the cloud.
What Cloud Applications Are Being Targeted and Why?
Different cloud applications come with different types of data collected, processed, stored and transmitted - here's a few of the security risks associated with popular cloud applications used by organizations today.
Microsoft Office 365 and Google Suite
These applications are used to house sensitive information such as intellectual property, trade secrets and company financials. A compromised employee email account can also be used to reset users’ passwords for other systems, which allows attackers to move laterally within an organization to gain access to more applications.
Workday, Netsuite and Other Backend Systems
These systems are frequently successfully targeted for financial gain. Fraud examples include the changing of payment and direct deposit data in efforts to redirect payments and paychecks to attackers’ bank accounts. Other attackers will attempt to gather employee information and sell identities.
AWS, Microsoft Azure, Google Cloud Platform
Often business-critical applications are targeted for financial gain. These include customer services and applications that process personally identifiable information and payment card processing. Attackers may also run unauthorized instances, racking up charges on an organization's account.
Risks Applied to Cloud Technology
Transitioning from on-premises to the cloud means more accessibility. The increased security surface is large, as anyone in the world can attempt to gain remote access to your systems. Limited research is required by hackers to find the attack surface as they can go directly to the login portals for Office 365, Google Suite or Workday and try to log in.
Attacks can also originate from any device, whether it be mobile, laptop or a desktop, attempting access to your cloud services from another country. An organization does not have visibility into all of these different devices. Out-of-date devices that have not been updated to the latest, most secure software are able to connect to high-risk applications, putting the service at risk of compromise and potential malware infection.
Access Security Controls to Reduce Risk for Cloud Applications
To reduce security risks, organizations should start by securing user access, network access and device access.
Secure User Access
- Elevate security policies for privileged applications and users.
- Enable single sign-on (SSO) with multi-factor authentication for all cloud apps.
- Audit user cloud app permissions using the concept of least privilege to provide access only to users who require access.
Secure Network Access
- Deny traffic from known risky networks such as Tor, anonymous, and proxy networks.
- Only allow access to cloud apps based on the geolocation of the users.
- For high-risk cloud applications, require users to be connected to a corporate network.
Secure Device Access
- Gain visibility into devices accessing cloud services.
- Block devices that are out-of-date and at risk of malware.
- Require newer mobile devices that have more advanced security controls such as a hardware security module (HSM), TouchID, FaceID and encryption.
- For high-risk cloud applications, require devices to be corporate-managed by an Enterprise Mobility Management (EMM) solution to ensure only trusted devices are able to access your cloud services.
Adopting and deploying the above security measures will enable your organization to continue on your journey to the cloud without worry or hesitation.
How Duo Beyond Can Help
Duo Beyond provides the granular security controls you need to provide the controlled access to your cloud applications. Learn more about Duo Beyond: https://duo.com/product