In Focus: Cloud Security in 2020
In 2019, cloud computing really took off. Cloud security, however, took a backseat in 2019, leading to unprecedented cloud data breaches and data exposures. In 2020, it’s expected that cloud management will shift focus to security.
What Is Cloud Computing?
The cloud in the phrase “cloud computing” refers to the internet. Computing, meanwhile, refers to any activity that uses computers. In cloud computing, the computing activity is done over the internet instead of the computer’s hard drive.
Software as a Service, also known as (SaaS), Infrastructure as a service (IaaS) and Platform as a service (PaaS) are the three types of cloud computing. SaaS is a cloud-based service which offers access to a software or application via an internet browser. An example of SaaS is Office 365.
IaaS is a cloud-based service that enables customers to get access to the service provider’s own infrastructure, including storage. Microsoft Azure, Amazon Web Services (AWS) and Google Compute Engine are examples of IaaS.
PaaS, meanwhile, refers to a cloud-based service that provides a software development platform. In PaaS, customers can build and run applications and the service provider provides the necessary infrastructure to make the application run and scale.
The Cloud Numbers
According to Forrester Research, 65% of North American enterprises rely on public cloud platforms. In 2020, the research company said public cloud market will grow to $299.4 billion, including cloud applications (SaaS), infrastructure (IaaS) services, development and data platforms (PaaS) combined.
The mass migration to the cloud has been successful due to the cloud’s agility and efficiency. For a number of organizations that migrated to the cloud, however, security was neglected.
In August of this year, cyber security software company Impervadisclosed its own data breach. The company said that an unauthorized use of an administrative API key in one of the company’s production AWS accounts in October 2018 resulted in the exposure of a database snapshot containing emails and hashed and salted passwords.
According to Imperva, the company, back in 2017, began the process of adopting cloud technologies and migrated to AWS Relational Database Service (RDS) to scale its user database. The following key decisions during the AWS migration process, the company said, taken together, resulted in the data breach: 1) we created a database snapshot for testing; 2) an internal compute instance that we created was accessible from the outside world and it contained an AWS API key; 3) this compute instance was compromised and the AWS API key was stolen; and 4) the AWS API key was used to access the snapshot.
Imperva said that the data breach taught the company “some hard lessons about securing cloud migration”.
Capital One Case
In July of this year, Capital One Financial Corporation disclosed one of the largest data breaches, affecting 100 million individuals in the United States and approximately 6 million in Canada. According to Capital One, an attacker was able to exploit a specific configuration vulnerability in its cloud infrastructure.
Joel Martini, Special Agent at the U.S. Federal Bureau of Investigation (FBI), in the indictment document, said that one of the reasons for the Capital One data breach was a misconfigured web application firewall (WAF). Special Agent Martini said that Capital One’s logs show that IP addresses believed to be TOR exit nodes accessed Capital One’s cloud data on or about March 22, 2019.
Cloud API: Weak Link to the Cloud
Application programming interface (API), in general, allows a product or service to communicate with other products and services. Cloud API, meanwhile, refers to the software interface that lets your organization’s infrastructure or applications connect to the cloud-based service. Each cloud-based service has its own API. Organizations using multiple cloud-based services, therefore, have to manage multiple APIs.
The API Security Survey in 2017 conducted by OnePoll for Imperva, showed that more than three in four organizations treat cloud API security differently than web app security. The survey also showed that more than two-thirds of organizations expose their organizations’ APIs to partners and the public. “Due to increased usage, APIs have become a new attack vector for cybercriminals and make applications and databases vulnerable to web application attacks,” the survey concluded.
According to McAfee, in 2020, API will be exposed as the weakest link leading to cloud-native threats. “Dependence on APIs will further accelerate with a growing ecosystem of cloud applications built as reusable components for back-office automation (such as with Robotic Process Automation) and growth in the ecosystem of applications that leverage APIs of cloud services such as Office 365 and Salesforce,”McAfee said. “The increasing need and hurried pace of organizations adopting APIs for their applications in 2020 will expose API security as the weakest link leading to cloud-native threats, putting user privacy and data at risk until security strategies mature.”
How to Protect Your Organization’s Cloud Environment
According to Forrester Research, the Capital One data breach in AWS has brought attention to the next big cloud management challenge: securing apps and data in the cloud.
“The hyperscale cloud leaders will ramp up investment in their native security offerings, while cross-cloud management providers must buy, build, and/or acquire security capabilities that go beyond past identity and access management,” said Forrester Research.
Even as cloud-based service vendors are working on improving the security of their services, the security of your organization’s cloud environment still rests on your organization. When using IaaS, for instance, such as AWS or Azure, organizations retain the responsibility for securing the applications and network traffic.
Cloud protection and support require expertise and experience to properly secure your data. Our team of experts will help you design the best solution, on-budget.
Call today (416) 920-3000 or email us at email@example.com