BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Combat the latest cloud security challenges and risks
-
Photo Story
Combat seven common cloud security risks
Cloud isn't free from risks, but most of them are preventable if you are prepared. Conquer these seven common security risks, ranging from a lack of encryption to poor API management. View Now
-
Article
Some cloud security concerns are more fiction than fact
Cloud security remains a top concern for enterprises, but some of those concerns lack validity. Find out if your data is really secure in the cloud and if cloud providers truly offer the best line of defense. Read Now
-
Article
Wake up from these three cloud nightmares
Data breaches, compliance mistakes and shadow IT can create huge problems for enterprises. Cloud expert David Linthicum offers advice on how to prevent these stressful situations. Read Now
-
Article
Avoid these emerging multicloud security issues
Enterprises adopt multicloud environments to gain greater availability, but often overlook some serious security issues. Find out where the vulnerabilities are before you broaden your cloud environment. Read Now
Editor's note
Even though the benefits of cloud computing are clear to most enterprise IT teams, security remains a top make-or-break issue, often influencing organizations' decisions around cloud. A primary fear is losing control over IT infrastructure and applications, once they're in a public cloud provider's hands.
But security technologies are evolving, and enterprises have more access to cloud security tools that provide the control and visibility they crave. New environments, such as hybrid and multicloud, can create additional gaps and vulnerabilities, but tools, such as cloud access security brokers, now target those unique attack surfaces. By forming a comprehensive strategy, enterprises can take a proactive approach against cloud security challenges and risks.
1What to consider when building a cloud security plan
After deciding to migrate to the cloud -- and getting the business on board -- reevaluate your IT strategy to address any cloud security challenges and risks. Start by researching cloud providers' capabilities to determine if their certifications and tools fit your security requirements. Don't assume your provider will handle all your security needs; sometimes, adding third-party tools is necessary to address vulnerabilities. Finally, when securing your cloud, remember there are internal cloud security threats as well as external. There is no one-size-fits-all security strategy, so be sure to craft your plan around the enterprise's individual needs.
-
Article
Change the minds of cloud security doubters
Some enterprises are still not convinced that their data will be secure in the cloud. Win the cloud security argument in your organization with these tips. Read Now
-
Article
Read between the lines of providers' cloud security assessments
When choosing a cloud provider, security is always on enterprises' minds. Evaluate a cloud provider's security assessments and certifications to confirm that data is fully protected -- but don't stop there. Read Now
-
Article
Rethink your shadow IT strategy
Shadow IT is ever-present and building a plan to combat it can be tricky. Follow these four steps to form a solid shadow IT strategy. Read Now
-
Article
Enterprises and providers need to share cloud security responsibilities
To ensure data security, cloud providers and enterprises need to work together. Take a closer look at the shared responsibility model to define the roles of accountability. Read Now
-
Article
Evolve your zero trust security model for cloud
The cloud helps IT organizations scale their zero trust security policies, but can also introduce new challenges, such as reliance on services made available via cloud APIs. Read Now
-
Article
Set up network security groups for public cloud
Add extra protection to cloud instances with network security groups, and evaluate what public cloud security options AWS, Azure and Google have to offer. Read Now
-
Article
Double check your cloud API security
With cloud API's large attack surface, security in that area should be a top priority. Reduce risks with sessionless security and reporting. Read Now
-
Article
Build an OpenStack security strategy
The OpenStack platform is still a work in progress, which can increase security risks. Tasks such as shortening the lifespan of OpenStack authentication certificates can help. Read Now
2Build a wall around your cloud with security tools
Cloud is always evolving, which means cloud security technologies need to evolve alongside it. Hybrid and multicloud environments present new cloud security challenges and risks as data moves between on premises and the cloud. To address this vulnerable gap, cloud access security brokers (CASBs) focus on protecting that in-between area. Cloud security tools are also becoming more specialized, targeting certain areas such as data, through encryption, or user authorization, through IAM management. Explore provider and third-party tools to reduce cloud security threats.
-
Article
Build a safe bridge between IT environments with CASBs
With the increased popularity of hybrid cloud, data that moves between on-premises and cloud is at risk. Cloud access security brokers step in to protect data when as it travels. Read Now
-
Article
Weigh the pros and cons of implementing a CASB
Before you add cloud access security brokers to your toolchain, consider the possible negative effects, such as reduced productivity and shadow IT. Read Now
-
Article
Choose and deploy CASBs wisely
Not all cloud access security brokers are created equal. Expert Stephen Bigelow offers guidance for adding extra security without sacrificing performance. Read Now
-
Article
Single sign-on drives cloud IAM market growth
Enterprises are attracted to the convenience of single sign-on abilities, but the increased use of mobile devices has created more IAM security problems, as well as shadow IT and BYOD. Read Now
-
Article
Explore options for cloud encryption technologies
Sometimes, encryption services from cloud providers don't deliver enough protection. Bulk up your cloud security with third-party vendors and centralized encryption. Read Now
3Climb into a hacker's mind with cloud security testing
One of the best ways to find cloud security is to attack like a hacker would. Testing your cloud is a critical part of a cloud security strategy. Not all environments have the same weak spots and there is no standard test that will discover all issues. In addition, don't assume that certain workloads don't need to tested, just because they're inaccessible from the internet. When it comes to cloud security challenges and risks, don't overlook internal threats. Testing your cloud is the only way to know where your cloud needs some extra security attention, whether external or internal.
-
Article
Prevent attacks with a cloud penetration testing plan
Cloud threats can come from anywhere, even internally. Find vulnerabilities in a public cloud environment by creating a penetration testing plan. Read Now
-
Article
Take control of public cloud with security testing
There is no standard security offering that will perfectly protect every cloud. Find weak spots and customize security by performing comprehensive tests with automated tools. Read Now
-
Article
Find out if your cloud security model is robust enough
There are many steps to take when securing a cloud, including compliance processes and testing. Use this flow chart to see if your public cloud is secure enough. Read Now
-
Article
Put your cloud security knowledge to the test
Major security breaches, including those at well-known retail giants, have enterprises doubting cloud's security. Take this quiz to see if you know how to keep your data safe in the cloud. Read Now
4Stay up to date on cloud security
Cloud security has been stealing tech headlines with data breaches, new technologies and improved compliance agreements. These stories reveal new cloud security challenges and risks, as well as the improvements being made to answer those concerns. Top cloud providers, such as Amazon Web Services, Azure and Google, continue to compete with each other to provide the best security services possible, with each new update bringing more protection to the cloud. Providers are also keeping a close eye on the transfer of personal data between the U.S. and Europe.
-
Article
Safe Harbor agreement dissolves, but questions remain
The cloud community was not surprised by the dissolution of the Safe Harbor agreement, but concerns regarding data privacy are still present. Read Now
-
Article
Privacy Shield does not quell all data privacy worries
With the adoption of Privacy Shield, Microsoft praises the clarity it provides. But while it is an improvement over the Safe Harbor agreement, there are still some grey areas to address. Read Now
-
Article
Google steps up its game with cloud security
In an attempt to catch up to AWS and Azure, Google implements new cloud security certifications that may lure more enterprise customers. Read Now
-
Article
Linode's quick security response may not be enough
Linode experienced multiple DDoS attacks during a password reset and, while its response was swift, the transparency of the situation may not be enough to give customers peace of mind. Read Now
-
Article
Not all IT pros should have their own encryption key
Numerous vendors have added encryption capabilities as well as key management, but deciding who should hold the keys to the kingdom is still a concern. Read Now
5Learn important cloud security terms
To recognize and overcome cloud security challenges and risks, it's important to understand the vocabulary. No matter your knowledge level, here are some basic definitions you should know.
-
Definition
cloud computing security
Cloud computing security is the set of control-based technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use. Read Now
-
Definition
cloud access security broker (CASB)
A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure. Read Now
-
Definition
cloud encryption (cloud storage encryption)
Cloud encryption is a service offered by cloud storage providers whereby data, or text, is transformed using encryption algorithms and is then placed on a storage cloud. Read Now
-
Definition
cloud service governance
Cloud services governance is a general term for applying specific policies or principles to the use of cloud computing services. The goal of cloud services governance is to secure applications and data when they are located remotely. Read Now
-
Definition
compliance
Compliance is the act of being in alignment with guidelines, regulations and/or legislation. Organizations must ensure that they are in compliance with software licensing terms set by vendors, for example, as well as regulatory mandates. Read Now
-
Definition
identity and access management (IAM)
Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities. Read Now
-
Definition
pen test (penetration testing)
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Read Now
-
Definition
shadow IT
Shadow IT is hardware or software that is not supported by an organization's IT department. The term often carries a negative connotation because it implies the IT department has not approved the technology or doesn’t even know that employees are using it. Read Now