Cloud computing has completely transformed how companies operate, helping business leaders to increase scalability, improve collaboration, cut costs and more. But when COVID-19 was , many businesses worldwide had no choice but to adapt their processes. declared a global pandemic on March 11 2020 by WHO found that more than 80% of organizations have increased their use of the cloud due to the pandemic and the shift to remote working patterns. Despite life returning to some kind of ‘new normal’ and some businesses adopting a hybrid work model, this certainly isn’t the end of the cloud. Research from Snow Software The same research also suggested that 66% of businesses will continue to use cloud services, and forecasts that the cloud market will reach $832.1 billion by 2025. another report from MarketsandMarkets While the benefits of this technology typically outweigh the drawbacks, many customers and assume that the cloud service provider (CSP) is solely responsible for the entire cloud environment when they’re not. In fact, security is a shared responsibility between the CSP and the company. often overlook cloud security The top security issues in cloud computing today and beyond To prevent your business from making costly mistakes, here are some of the most significant cloud computing security issues and challenges you need to know. 1. Cloud account hijacking A (IFP) found that account hijacking is the biggest cloud threat facing businesses (45%). This type of attack occurs when a user’s account credentials are stolen or hijacked. Attackers can hijack an account using different techniques such as brute force attacks to gain access by guessing the password. recent cloud security study conducted by Insights for Professionals While account hijacking has been around for a while, Yasser Ali, an independent researcher based in Egypt, that left around 150 million accounts exposed to this type of attack. Fortunately, Yasser reported it to PayPal’s security team as part of its Bug Bounty program and was rewarded $10,000. identified a PayPal vulnerability in 2014 “One of our security researchers recently made us aware of a potential way to bypass PayPal’s Cross-Site Request Forgery (CSRF) Protection Authorization System when logging onto . Through the PayPal Bug Bounty program, the researcher reported this to us first and our team worked quickly to fix this potential vulnerability before any of our customers were affected by this issue. We proactively work with security researchers to learn about and stay ahead of potential threats because the security of our customers’ accounts is our top concern.” – PayPal spokesperson PayPal.com As threat actors evolve their tactics to find security vulnerabilities in your cloud services, it’s vital that you encourage your workforce to create secure passwords and change them frequently. To further strengthen your defenses, consider deploying multifactor authentication (MFA) which adds an extra layer of protection, preventing hackers from accessing your account remotely. With more phishing attacks on the rise, increasing numbers of hijacking attempts will occur. found that 96% of attacks typically arrive by email. Therefore, business leaders should also provide training on the so employees know what signs to look out for. Verizon’s 2021 Data Breach Investigation Report common types of phishing 2. Data breaches As more businesses adopt cloud computing to boost productivity and ensure business continuity, the risk of breaches increases as threat actors find new ways to exploit vulnerabilities across multiple cloud services. One report found that approximately in the first half of 2021. 18.8 billion records were exposed The consequences of a data breach can be devastating from a reputational and financial perspective. With , it’s no surprise that business leaders ranked data breaches as their second biggest cloud threat, according to IFP. companies on average having to pay $4.24 million per incident To avoid breaches, there are several measures you can take to safeguard your data, including: Encrypting sensitive data at rest or in transit Deploying an MFA solution Educating your employees about data handling and sharing Carrying a regular security audit to see who’s accessing your data and restricting access to certain users. 3. Lack of visibility One of the biggest cloud threats facing businesses is that they don’t have comprehensive visibility into how workers are using business data across internal/external devices and different cloud services. According to , only 7% of firms have extremely good visibility while nearly 60% have moderate or slight visibility. Forcepoint As employees adopt external services or applications to access secure data or files without IT’s approval, it can pose a serious security risk to businesses. For example, found that 80% of employees are using SaaS apps at work without approval from the IT department, 83% of IT professionals reported that workers stored data on unsanctioned cloud services while identified that 1 in 5 organizations suffered a cyberattack due to shadow IT. research from G2 another study conducted by NCSC With growing in popularity, business leaders must ensure they’re monitoring usage in the cloud. Here are several tips to consider: shadow IT Invest in (CASBs) to monitor data and service usage across various cloud environments cloud access security brokers Require all unsanctioned cloud services or applications to be reviewed and approved by the IT team Provide adequate training on acceptable cloud usage policies. 4. Insider threats As business leaders defend their infrastructure, apps, and data against external forces, they often overlook what goes on internally. shows negligent insiders accounted for 61.39% of all security incidents and up to a quarter (24.75%) of them had their credentials stolen while malicious insiders were responsible for 13.86% of all incidents. Research from Tessian Whether intentional or negligent, insiders can cause a lot of damage if you’re not taking proactive measures to secure your systems. Indeed, the same study revealed that the global cost of insider threat incidents has increased by 31%, from $8.76 million in 2018 to $11.45 million in 2020. While some businesses are more vulnerable to insider threats than external attacks, the positive news is that it can be prevented by taking proactive measures, such as: Limiting the number of users with privileges and access to sensitive data Performing regular security audits and revoking access where necessary Providing regular user training to reduce the number of security incidents caused by negligence and give employees the confidence to recognize and report threats (e.g. educating staff to avoid phishing attempts) Investing in tools such as that uses AI or machine learning to detect any suspicious activity. user behavior analytics Conclusion As cloud adoption continues to soar post-COVID and workers adopt a wide range of services and applications, it’s important that business leaders keep up to date with the latest security issues and challenges in cloud computing and make the right decisions.

Transit

2022 - HackerNoon Contributor of the Year - Cloud Computing

Nominated for 2022 - HackerNoon Contributor of the Year - Cloud Computing

Too Long; Didn't Read

Developers: Build Less. Deliver More. [Learn how]	

The 4 Biggest Cloud Computing Security Challenges

Too Long; Didn't Read

Companies Mentioned

Aikma

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

The 4 Biggest Cloud Computing Security Challenges

Too Long; Didn't Read

Companies Mentioned

Aikma

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES