M.Sc.(C.S.

) I
Cloud Computing

3. Overview of Cloud Security

 Cloud Security
• Cloud security is the set of control-based security
measures and technology protection, designed to
protect online stored resources from leakage,
theft, and data loss.
• Protection includes data from cloud
infrastructure, applications, and threats. In
particular, cloud security works to provide storage
and network protection against internal and
external threats, access management, data
governance and compliance, and disaster
recovery.
 Common Cloud Security Threats
• Identity, authentication and access management – This
includes the failure to use multi-factor authentication,
misconfigured access points, weak passwords, lack of
scalable identity management systems, and a lack of
ongoing automated rotation of cryptographic keys,
passwords and certificates.
• Vulnerable public APIs – From authentication and access
control to encryption and activity monitoring, application
programming interfaces must be designed to protect
against both accidental and malicious attempts to access
sensitive data.
• Account takeover – Attackers may try to eavesdrop on user
activities and transactions, manipulate data, return falsified
information and redirect users to illegitimate sites.
• Malicious insiders – A current or former employee or
contractor with authorized access to an organization’s
network, systems or data may intentionally misuse the
access in a manner that leads to a data breach or affects
the availability of the organization’s information systems.
• Data sharing – Many cloud services are designed to make
data sharing easy across organizations, increasing the
attack surface area for hackers who now have more targets
available to access critical data.
• Denial-of-service attacks – The disruption of cloud
infrastructure can affect multiple organizations
simultaneously and allow hackers to harm businesses
without gaining access to their cloud services accounts or
internal network.
 Cloud Security Challenges
• 1. Availability of cloud security experts
• Cloud architecture and cloud security require specialized knowledge.
Unfortunately, the availability of skilled labor in this field, particularly
for specialists trained in managing security concerns in cloud
computing, has not caught up to demand
• 2. Identity and Access Management
• Identity and Access Management (IAM) is essential. While this may
seem obvious, the challenge lies in the details.
• It’s a daunting task to create the necessary roles and permissions for an
enterprise of thousands of employees. There are three steps to a
holistic IAM strategy: role design, privileged access management, and
implementation.
• Begin with a solid role design based on the needs of those using the
cloud. Design the roles outside of any specific IAM system. These roles
describe the work your employees do, which won’t change between
cloud providers.
• Next, a strategy for privileged access management
(PAM) outlines which roles require more
protection due to their privileges. Tightly control
who has access to privileged credentials and
rotate them regularly.
• Finally, it’s time to implement the designed roles
within the cloud provider’s IAM service. This step
will be much easier after developing these ahead
of time.
• Cloud Compliance
• Organizations have to adhere to regulations that
protect sensitive data like PCI DSS(Payment card
Industry Data Security Standard) and HIPAA
(Health Insurance Portability and Accountability
Act). Sensitive data includes credit card
information, healthcare patient records, etc.To
ensure compliance standards are met, many
organizations limit access and what users can do
when granted access. If access control measures
are not set in place, it becomes a challenge to
monitor access to the network.
• Misconfiguration
• Cloud computing is a popular way to access
resources remotely and save on costs. However,
cloud security threats cannot arise if your cloud
resources are configured correctly.
Misconfiguration is the top cloud security
challenge, as users must appropriately protect
their data and applications in the cloud. Toavoid
this security threat, users must ensurethat their
data is protected and applications areconfigured
correctly.
• Unauthorized Access
• Unauthorized access to data is one of the topcloud
security challenges businesses face. The cloud
provides a convenient way for businesses to
store and access data, which can make data
vulnerable to cyber threats. Cloud security
breaches can include unauthorized access to user
data, theft of data, and malware attacks. To
protect their data from these types of threats,
businesses must ensure that only authorized users
have access to it.
• Hijacking of Accounts
• Hijacking of user accounts is one of the major
cloud security hacks. Using cloud-based
applications and services will increase the risk
of account hijacking. As a result, users must be
vigilant about protecting their passwords and
other confidential information to stay secure in
the cloud.
• Data Privacy/Confidentiality
• Data privacy and confidentiality are critical
issues when it comes to cloud computing. With
cloud computing, businesses can access their
data from anywhere in the world, which raises
security concerns. Companies don’t have control
over who has access to their data, so they must
ensure that only authorized users can access it
• External Sharing of Data
• External data sharing is one of the leading cloud
security challenges businesses face. This issue
arises when data is shared with third-party
providers who have to be vetted and approved
by the organization. As a result, external data
sharing can lead to the loss of critical business
information and theft and fraud. To prevent
these risks, companies must implement robust
security measures, such as encryption, and data
management practices.
 Cloud Security Monitoring
• Cloud security monitoring is the practice of
continuously supervising both virtual and physical
servers to analyze data for threats and
vulnerabilities.
• Cloud security experts monitor and assess the
data held in the cloud on an ongoing basis. They
identify suspicious behavior and remediate cloud-
based security threats. If they identify an existing
threat or vulnerability, they can recommend
remediations to address the issue quickly and
mitigate further damage
 Benefits of Cloud Security Monitoring
• Maintain compliance – most major regulations, such as PCI
DSS (Payment card Industry and data security standard)and
HIPAA (Health Insurance Portability and Accountability Act of
1996), require monitoring. Organizations using cloud platforms
should leverage observation tools to comply with these
regulations and avoid penalties.

• Discover vulnerabilities – it is important to maintain visibility

over your cloud environments to identify vulnerabilities. You
can use an automated observation tool to quickly send alerts
to your IT and security teams and help them identify suspicious
behavior patterns and indicators of compromise (IoCs).
•
Increase security maturity. An organization with a mature
infosec model has a proactive, multi-layered approach to
security. A cloud monitoring solution enables organizations to
include cloud as one of those layers and provides visibility into
the overall environment.
• Protect sensitive data – you can use a cloud security
monitoring solution to perform regular audits and keep your
data secure.
• Cloud Security Monitoring Challenges
• Lack of cloud security strategy. Many organizations hastily
migrate to the cloud to support remote work without
developing a clear cloud security strategy.
• Alert fatigue. Many cloud monitoring products are noisy,
which can result in IT and security teams lacking insight into
what’s important to focus on. A FireEye study revealed that
some organizations receive up to 10,000 alerts per month
from security products. Cloud monitoring solutions with
prioritized alerts can reduce the noise and chances of
receiving false positives, which provides higher security value.
• Lack of context. Logs and alerts are only valuable if an
organization understands how to interpret them. Security
teams should understand what they want to monitor and why;
once they receive alerts, they should know which actions to
take
 Identity and access management
(IAM)
• Identity and access management (IAM or IdAM
for short) is a way to tell who a user is and what
they are allowed to do.
• The primary goal of identity management in
cloud computing is dealing with personal identity
information so that a user’s access to data,
computer resources, applications, and services is
controlled accurately.
• Cloud identity management is a lot more than
just a simple web app SSO solution
 Multi-Factor Authentication(MFA)

• Multi-factor authentication (MFA) is a multi-

step account login process that requires users
to enter more information than just a
password. For example, along with the
password, users might be asked to enter a
code sent to their email, answer a secret
question, or scan a fingerprint. A second form
of authentication can help prevent
unauthorized account access if a system
password has been compromised.
 Why is multi-factor authentication
necessary?
• Digital security is critical in today's world because both
businesses and users store sensitive information
online. Everyone interacts with applications, services,
and data that are stored on the internet using online
accounts.
• A breach, or misuse, of this online information could
have serious real-world consequences, such as
financial theft, business disruption, and loss of privacy.
• While passwords protect digital assets, they are simply
not enough. Expert cybercriminals try to actively find
passwords. By discovering one password, access can
potentially be gained to multiple accounts for which
you might have reused the password
• Multi-factor authentication acts as an
additional layer of security to prevent
unauthorized users from accessing these
accounts, even when the password has been
stolen. Businesses use multi-factor
authentication to validate user identities and
provide quick and convenient access to
authorized users.
 What are the benefits of multi-factor
authentication?
• Reduces security risk
• Enables digital initiatives
• Enables digital initiatives
 Identity Verification

• The Identity Verification (IDV) security setting

in Marketing Cloud requires you to
authenticate the browser or app used to
access the application. When you attempt to
log in, the system sends an email with a
verification code to the email address
associated with your account. Enter the code
in the Verification Code field to log in. Ensure
that all users in your account use valid email
addresses in their user profile.
• Identity Verification allows flexibility when setting
up your security parameters. For example, you
can require browser verification for all users or
only for users not on an allow list. For each
setting, define how often users perform the
verification process.
• Steps in IDV
• Enable Identity Verification
Enable Identity Verification (IDV) in Marketing
Cloud under Security Settings.
• Review Identity Verification Log
Review the Identity Verification (IDV) Log in
Marketing Cloud under the Security menu.
• Identity Verification Troubleshooting
Review troubleshooting for Identity Verification in
Marketing Cloud.
 authentication, authorization and
accounting (AAA)
• Authentication, authorization and accounting (AAA) is a
security framework for controlling and tracking user
access within a computer network. AAA intelligently
controls access to computer resources, enforces
policies, audits usage and provides the information
necessary to bill for services.
• These combined processes are important for
effective network management and security. Network
administrators use AAA to maintain network security,
while ensuring that users have access to the resources
they need. The framework also helps prevent
unauthorized access to networks and resources by
giving security teams control and visibility over user
activity.
• Authentication
• As the first process, authentication provides a way of
identifying a user, typically by having them enter a valid
username and password before access is granted.
Other authentication processes can be used instead,
such as biometrics or a smart card.
• Authorization
• Following authentication, the user must be authorized
to perform certain tasks. After logging in to a system,
for instance, they might try to issue commands. The
authorization process determines whether the user has
the authority to issue such commands. Simply put,
authorization is the process of enforcing policies by
determining what types or qualities of activities,
resources or services the user is permitted.
• Accounting
• Accounting measures the resources the user
consumes during access. This can include the
amount of system time or data the user has
sent and received during a session.
Accounting logs session statistics and usage
information and is used for authorization
control, billing, trend analysis, resource
utilization and capacity planning activities.
 Benefits of the AAA framework

• Improved network security.

• Protocol management.
• Flexible and granular control.
• Informed decision-making abilities
• Standardized authentication methods.