ChannelLife US - Industry insider news for technology resellers
United States
Guides
#
cloud services
#
cybersecurity
#
distributors
#
microsoft
#
partner programmes
Search
Story image
#
Malware
#
Firewalls
#
Data Protection

Businesses intensify efforts to secure data in cloud computing

Today
Author image
By Sean Mitchell, Publisher

Businesses are increasingly turning to cloud computing for greater agility and flexibility, prompting a renewed focus on cloud security compliance and the challenges of safeguarding data in these dynamic environments.

Cloud security refers to the cybersecurity guidelines, best practices, safeguards and tools used to protect infrastructure, data, and apps in cloud environments. Its primary aims include managing access, maintaining data governance and compliance, implementing disaster recovery measures, and protecting network and storage against both internal and external threats.

The rising adoption of cloud services comes as businesses seek to accelerate innovation and meet the demands of modern consumers. However, as these environments become more complex, traditional security strategies often fall short, necessitating new approaches to ensure data remains protected across various platforms, applications, and infrastructures.

Cloud security is implemented by integrating policies, procedures, and technologies designed to support regulatory compliance and protect data privacy. It also focuses on controlling user and device access through robust authentication mechanisms. A key aspect of this process is the shared responsibility model, under which both the customer and the cloud service provider (CSP) are involved in maintaining security.

Building a robust security strategy begins with understanding the delineation between the customer's and the provider's responsibilities. Customers are typically charged with securing network controls, identity and access management, data, and applications within the cloud, while the CSP maintains the core infrastructure. The specifics of these responsibilities depend on the service model and provider in question.

The importance of effective cloud security has grown as more organisations shift away from traditional on-premises infrastructure. This shift brings new regulatory expectations relating to data governance and compliance. Hybrid and multicloud environments offer businesses unprecedented flexibility, but also introduce complexity, increasing the challenge of preventing unauthorised access.

Many companies, in their pursuit of swift digital transformation, may overlook security best practices. Attackers are adjusting their tactics accordingly, viewing cloud environments as potentially vulnerable targets.

A well-considered cloud security plan is regarded as essential for reducing breaches or damage, improving compliance, and enhancing customer trust, even if it cannot eliminate all risks. According to the statement, "A well-thought-out cloud security plan can significantly reduce the likelihood of breaches or damage, enhance compliance, and increase customer trust—even though it can never completely prevent attacks and vulnerabilities."

Cloud computing faces a variety of security risks, including insider threats, data breaches, data loss, phishing, malware, distributed denial of service (DDoS) attacks, and insecure application programming interfaces (APIs).

Visibility is a key challenge, as cloud-based resources are often hosted on third-party infrastructure outside a company's direct control. "Cloud-based resources are hosted on third-party infrastructure that is not part of your company's network. Consequently, cloud environments are not a good fit for traditional network visibility tools, which makes it hard to monitor all of your cloud assets, how they are being accessed, and who can access them," the statement notes.

Configuration errors also contribute significantly to data breaches. Organisations may not fully understand how to secure their cloud infrastructure, leading to issues such as unencrypted data, use of default passwords, or incorrect permission settings. As explained, "One of the main reasons for data breaches in cloud environments is improperly configured cloud security settings. Although cloud-based services are designed to facilitate data sharing and easy access, many organizations might not fully understand how to secure cloud infrastructure. Misconfigurations like failing to activate data encryption, using default passwords, or improperly handling permission controls can result from this."

Access management presents additional challenges due to the accessibility of cloud deployments via the public internet. This convenience can be exploited if credentials are compromised or access controls are inadequate. "The public internet can be used to directly access cloud deployments, making it convenient to access them from any device or location. However, it also means that with compromised credentials or inadequate access control, attackers can more readily obtain authorized resources," the statement continues.

Despite these risks, cloud security offers several advantages. The statement clarifies, "The truth is that cloud security is no more or less secure than on-premises security, despite the fact that it has frequently been presented as a barrier to cloud adoption. Actually, there are a lot of benefits that cloud computing security provides for companies that want to strengthen their overall security posture. The best cloud providers have layered security and secure-by-design infrastructure that is integrated into the platform and its services."

These integrated security features include encryption, multi-factor authentication, identity and access management, zero-trust network architectures, and continuous monitoring. Cloud environments also enable automation and streamlined management of security controls across resources.

The statement concludes, "Cloud security remains a critical aspect for businesses as they transition to cloud-based services. With the increasing number of cyber threats, organizations must prioritize strong security protocols to protect sensitive data. The evolving landscape of cloud technologies requires continuous innovation and adaptation to safeguard against emerging risks. Ultimately, a comprehensive cloud security strategy is essential for maintaining business integrity and customer trust in the digital age."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
NextCycle triumphs in Siemens & Sony immersive design contest
Cloud Security Alliance report urges new defences for cloud
Kaspersky warns AI password generators lack true randomness
Zero-day hackers shift focus to enterprise tech in Google's report
GitHub Copilot surpasses 15 million users as AI tools expand
Top stories
Rod Squires named CloudBolt CEO post-StormForge deal
Cloudflare & Anthropic team up to power secure AI app links
Juniper leads 800GbE data centre market with 44 percent share
Radware secures record cloud security deal with US financial giant
Sonata Software wins USD $73m deal for AI-powered upgrade