Ranjith Raj Gnanapragasam, Product Manager, ManageEngine
The explosive growth of public cloud services in the workplace means business-critical information is uploaded, downloaded, and shared widely on a daily basis. There is now an urgent need to scrutinize and control the use of online resources to prevent data theft, exposure, and loss of valuable digital information due to neglect or oversight.
According to IBM’s Cost of a Data Breach Report 2021, extensive cloud migration is the third highest factor that amplified the cost of a data breach. Many of these data breach incidents will result from human errors, malware, weak credentials, and other factors. Stringent web protocols and cloud security measures will help ensure the safe use of cloud applications across your organization. Here are some best practices your organization can implement to safeguard your IT infrastructure.
Strengthen access control measures
Enforce a Zero Trust or least privilege model to ensure that employees are initially granted the minimal authorized cloud applications necessary to carry out their functions.
Employ multi-factor authentication that uses additional end-user credentials—including those that must be physically possessed by the user, such as a fingerprint—to verify their identity and to reduce the possibility of compromised credentials.
Secure network traffic
By default, to secure your data against unwarranted interceptions in your cloud systems, use only cloud apps with the HTTPS standard that encrypts network traffic. Track and scrutinize unsecured HTTP requests and transmissions that bypass secure socket layer (SSL) within your organization and confirm its legitimacy.
Gain visibility into cloud app use
Track both failed and successful access requests with details on who accessed which cloud application, when, and from where to gain insights into your organization’s web traffic. Also, examine details on data upload and download activities using deep packet inspection.
Enable proactive threat hunting
Use machine learning (ML) to detect and investigate suspicious activities across your cloud environment, including unexplained spikes in activity rate, use of risky IP addresses, and data sharing patterns that violate DLP policies. Perform routine penetration testing that periodically scours for vulnerabilities in your cloud environment.
Enforce malware threat protection
The Google IT security team’s Safe Browsing service has registered a total of 2,145,013 phishing and 28,803 malware sites as of January 17, 2021, which is a 25% increase from the same period last year. For secure browsing, enable URL filtering to block unsafe and inappropriate cloud applications that could expose your employees to malware, phishing fraud, credential theft attempts, spyware, spam campaigns, and other threats.
Encrypt data in cloud platforms
Encode or anonymize data stored in cloud systems to ensure its privacy and safeguard consumer privacy. In the hands of perpetrators, the encrypted data is rendered useless without its key. Either encode the desired business-critical data before moving it to cloud platforms, or use cloud services that provide de facto data at rest cloud encryption services.
Secure data in cloud using a CASB
A cloud access security broker (CASB) helps inspect inbound and outbound web traffic across sanctioned, unsanctioned, and shadow cloud services. Use a CASB to leverage and enforce the data leak prevention (DLP) policies used on-premise to across various cloud applications. A seamless integration between CASB and DLP solutions helps protect your sensitive data from leak, theft, and exposure.
Restrict use of unsafe and unmanaged devices
With recent trends like bring your own device (BYOD), the use of unmanaged devices has shot up. According to the 2018 BYOD security report by Bitglass, almost 85% of organizations have embraced BYOD trends. To administer these unmanaged devices, implement stringent device control policies that block the download of sensitive data to high risk devices, and restrict access to certain cloud apps when accessed via unauthorized devices.
A robust cloud application security program requires a combination of multiple security functionalities like URL filtering, data loss prevention, access management, anti-virus, and SSL scanning. Secure your cloud systems by continuously testing and deploying the product in phases. Fine-tune your security policies, profiles, and rules to reduce false positives, enhance effectiveness, and to realign them with changing business needs.
