How Businesses Are Accidentally Exposing Cloud Services – Don’t Make The Same Mistakes
There are countless hackers out there just waiting for your business to leave your data vulnerable. With the introduction of the cloud, you felt a bit more secure and slept slightly better at night – but now, it seems that was precisely what hackers wanted us to do.
It’s reported that 53% of businesses using cloud storage accidentally expose their data to the public. This is like securing your whole house, locking all doors and windows, and then going to sleep with the garage wide open.
This doesn’t just point the finger at small businesses either. The study showed that even big-name companies such as Amazon Simple Storage Service (Amazon S3) had inadvertently exposed one or more of these services to the public. The scary thing is that the previous survey showed this was occurring only 40% of the time. Now, this number has grown to 53%.
This study was conducted in 2017 between the months of June to September. Within those two months, they found that businesses are not only exposing their own data but they are also neglecting vulnerabilities in their cloud. When you ignore these things, you put not only your customers at risk but also the livelihood of your company as well.
What Are You Exposing?
The report shows that businesses weren’t solely leaking data such as customer information, but incredibly dangerous information such as access keys and other private data as well. These cyber-attacks commonly expose data such as personal health information, financial information, passwords and usernames, trade secrets, and intellectual property. With two million new malware attacks launching every day, it’s more important than ever to stay in a constant state of vigilance.
Example Through Viacom
This is similar to the Viacom breach in 2017, which was discovered and exposed by UpGuard, a security firm. Viacom’s vital information — from their subsidiaries such as Paramount, Comedy Central, and MTV — was exposed including not only passwords and manifests for Viacom’s servers, but also data pertinent to maintaining and expanding their IT infrastructure was as well. Of the data exposed, the most significant was Viacom’s access key and secret key for the corporation’s AWS account. With this information, a hacker could have gained control of Viacom’s servers, storage, or databases. Viacom is an $18 billion multinational corporation, yet it apparently still had massive security weaknesses.
How Are You Exposing Your Cloud Data?
There are a few ways that users are accidentally exposing the data they store in the cloud. The main four reported are:
Understanding each of these is pertinent to combating them, and securing your business and your cloud data.
A common misconception is that it’s the service provider’s responsibility to keep cloud data safe – this is not true. Most of the damage caused by ignoring vulnerabilities can be prevented by training. If your staff is trained to recognize weaknesses, then they can be more proactive in fighting against them. More than 80% of businesses are not managing host vulnerabilities in the cloud. Vulnerabilities include insufficient or suspicious credentials, application weaknesses, and inadequate employee security training.
Abusing Or Misusing Employee Access
CloudPassage’s Cloud Security Spotlight Report found that “53% of organizations see unauthorized access through misuse of employee credentials and improper access controls as the single biggest threat to cloud security”. Employees abusing or misusing their credentials happens mainly in two ways: the first is by using unsecured devices on a secure network or connected to the corporate cloud. Mobile devices make up for 51% of all cybersecurity breaches. Often, users rely on mobile devices to continue working, while on lunch break or even on the weekend. Accessing your cloud from these mobile devices poses a new threat. While computers and other on-premise devices have high-security protection, often personal phones and devices are not as safeguarded. The second is by using different employee’s credentials to access items that their credentials aren’t authorized for.
Accepting Inbound Connections
37% of databases accept inbound connection requisitions from the internet, with 7% of these being from suspicious IP addresses. When you accept incoming connections with insufficient or dubious credentials, you allow access to all of your critical data, without resistance. Once the hackers have access, they are able to not only view and read data, but they can additionally modify or delete data. Having stronger policies specifically addressing inbound connections can prevent this from happening to your business.
Not all the attacks and vulnerabilities are the fault of the business. Some of these attacks are far more complex than most businesses are prepared for, including big-name companies. These sophisticated attacks not only know and bypass the company’s vulnerabilities but also various application weaknesses. For example, a computer software program could have a minor flaw in its security, which can lead to the total collapse of the entire system.
What Can You Do About It?
The first action you can take against attacks like this is recognizing suspicious IP addresses. Have a policy in place for identifying, flagging, and isolating suspicious IP addresses. Spending a few extra minutes of your time could save months of recovery and downtime.
Secondly, limiting the way that the hackers gain access is key to protecting your company. One of the easiest ways for a hacker to gain access to your cloud is through your email. Protecting your email provides a strong defense against these breaches. Having an email policy such as using strong passwords, changing passwords frequently, avoiding opening phishing emails, or clicking on suspicious links provides another layer of defense. Additionally, it is essential to also have policies in place that protect against misuse of credentials such as connecting unsecured devices to the cloud.
Another way that organizations can better secure their cloud is to train their IT staff. The Cloud Security Spotlight Report states that “61% of organizations plan to train and certify existing IT staff, while 45% of other organizations plan to partner with a managed security services provider or deploy additional security software to combat these issues”.
It’s important to pay attention to mistakes that others have made so that you don’t suffer the same consequences. It also helps to be diligent in looking for suspicious IP addresses or emails. Remember that this allows hackers to quickly gain access to your cloud data. Be sure t,o train and certify the IT staff you already have – cyberattacks are all but guaranteed. What isn’t guaranteed is how prepared your business is to thwart off those attacks.