Guide to Cloud Security

Guide to Cloud Security Cybergate your cyber security partner

Guide to Cloud Security

A simple guide to cloud security. FREE 20 minute consultation session with our CTO!

The shift from on-premise to the cloud, should be insync with a change in mentality and approach to information and cyber security. The cloud is not in your data centre or at your office, where you have full control. There is the intangible aspect that makes a huge difference.

Migrating to the cloud does not mean you're secure by default. It is still your responsibility - Francesco Mifsud, CTO

A number of high-profile ground shaking hacks in the past few years have created lack of confidence in the cloud and business leaders felt nervous storing their organisation’s data in the cloud. The problem is not the cloud per se but the way it is used. Our very own CTO lists 5 ways to up the security of your data on the cloud.

Use multi factor authentication

Use multi factor and try to avoid using root and super admin account(s) as much as possible. In addition to the required login name and password utilise multi-factor authentication, commonly referred to as two-factor authentication or two-step authentication or two-step verification. This adds an additional layer of security to your standard login.

It is carried out in the form of fingerprints, a uniquely generated code (by for example Google Authenticator app or received via SMS) and voice recognition. The aim is to reduce the risk of your account being accessed should your credentials be compromised.

Make use of security tools

A must-have on all cloud environments is an anti-malware software which detects and removes malicious software such as viruses. These security tools are to be kept up-to-date with the latest malware definitions and should run 24×7 to protect and defend against cyber attacks. Avoid free antivirus/antimalware software! Always opt for anti-malware from a reputable provider. Some free anti-malware software may actually be malware in disguise.

It is best practice to make use of the following security tools: VPCs (Virtual private network) to limit the blast radius should a machine get compromised, WAF for web attacks, and CloudFront or Azure CDN (for Amazon and Microsoft respectively) to counter DDOS attacks.

Closely monitor Login and activity monitoring tools

Never disable the login and online activity monitoring feature(s) provided by your Cloud provider! It is an extremely important tool for debugging and diagnosing issues. Unusual behaviour such as a login from a suspicious location or an out-of-working hours log in, should raise flags.

Follow the least privilege principle for IAM roles

Set limitations on how data is accessed and shared. Permissions are to be organised by role and managed by the user group in a way that the minimum access rights are granted, in order to control as much as possible the authority levels. It is a common occurrence whereby an organisation ends up with multiple users having administrative rights.

In the unfortunate case that one user gets hacked, having the least privilege principle applied, will contain the blast radius and attackers would need to elevate privileges to access more data. This principle is one of the pillars of the layered security approach.

Protect data by using DLP tools (AWS MACIE & Azure DLP)

Data loss prevention software detects potential data breaches! Data ex-filtration transmissions are prevented by constant monitoring by the DLP, detection and blocking of your key data, even while in use. Most DLP tools are AI powered; to alert admins of resources with personally identifiable information (PII) in them.

The cloud simplifies the configuration (and the misconfiguration) process

Book your 20-minute consulting session with Cybergate International Chief Technical Officer – Francesco Mifsud! We focus on cloud security assessments of AWS and MS Azure.

    We are here to help

    francesco mifsud cybergate your cyber security partner
    Francesco Mifsud
    [email protected]

    I live and breathe cyber security and everything else in the discipline. With around a decade of experience in the industry I have had the opportunity to develop skills in penetration testing, cloud security, reverse engineering & exploit development, application security engineering, management and organisation-wide cyber security strategy. I hold a well-rounded set of security certifications such as OSCP, eWPTX and CISSP and have delivered training & workshops at some of the most prestigious hacking conferences such as DEF CON, BRU CON, BSides London and BSides Manchester.