Tdavis_Cloud Security Threats and Mitigation_03142021

Running head: CLOUD SECURITY THREATS AND MITIGATION

Cloud Security Threats and Mitigation
Timothy E. Davis
Rasmussen College

Author Note
This paper is being submitted on March 14, 2020 for Stacy Truelove’s CTS4623CCBE Section 01CBE Advanced Cloud Computing Technologies.
Cloud Security Threats and Mitigation

Our finance company is planning to store Personally Identifiable Information (PII) on the public cloud. Because we use the PII to run analytics for sending out credit card offers, we are obligated as a financial institution to stay FINRA compliant. FINRA is an acronym for Financial Industry Regulatory Authority and is the organization that oversees the Securities and Exchange Commission (SEC). These organizations are in place to ensure that we as a financial institution stay compliant when storing, transmitting, and utilizing data. With our company utilizing the public cloud, we must take extra precautions to make sure that we stay compliant and consider all security threats. We want to address security threats, implement data encryption, and utilize threat detection tools while understanding our cloud platform and structure. In addition, we want to know the best vulnerability scanning tools and cloud-native security services for our public cloud.

Security threats in the public cloud can range from the point of access to security account credentials. Several security attacks on the cloud are strongly related to the poor management of access points. This is where the users play a critical role in ensuring that we secure these different access points. When vulnerable, these access points are exactly where hackers look to expose the users and the information that can be retrieved through these weaknesses. A way to help protect us from these types of vulnerabilities is by educating our users on securing these access points (Lee, 2012). Both Facebook and Google have experienced very similar situations where hackers retrieved personal information. However, this could have been avoided, as the personal information that the hackers retrieved was not encrypted and was stored in plain text. Nevertheless, Google was able to react by implementing a multi-factor authenticator to control access. This is extremely helpful, as a user would need to authenticate through two different devices to gain access.

Additional security threats are data leaks and breaches, which oftentimes result from negligence and security flaws. This confidential information is often leaked and sold on the black market. When these types of security breaches are detected and traced back to the company that leaked the personal information, there are oftentimes fines that can be detrimental to the business. This happened with Equifax back in 2017, when they had a data breach of over 140 million users' accounts. This was a result of the failure to update the system, whereas it could have been avoided by encrypting data, utilizing multi-factor authentication, and a perimeter firewall.

Another threat concern is data loss through alteration, deletion, and/or loss of access. A way to help mitigate these threats is to continuously back up data to ensure its reliability. These backups should be located separately from the original data. The reason to back up in separate locations is that cloud services are integrated through APIs, and hackers tend to utilize primary instruments to access cloud infrastructure points. This can lead to brute force attacks, anonymous access, or even prevention of access. This type of situation happened with the Cambridge Analytica scandal and the use of a vulnerable API. They used hidden keys on the Facebook API to obtain personal information. This can be addressed by emulation testing via penetration testing, where numerous external attacks are run against the API. This is why it is imperative to run audits and encrypt the SSL layers periodically.

Lastly, another security threat to keep an eye on is incorrect configurations. This can result from mismatched data, default security settings, and distorted data on the cloud infrastructure (Behl, 2011). A DoS attack is where the servers are overloaded, which causes the system to stop working and prevents the user from accessing data in
or out. This can be mitigated by limiting the source rate, inspecting the firewall, and ensuring that the cloud is up to date on security features and detection.

Data encryption on the public cloud is a solution that encodes data while it travels to and from the cloud-based application and storage to the authorized user who is looking to retrieve the data. Public cloud encryption offerings include encrypted connections, encryption limited specifically to the data that is recognized, and encryption of the data that is being uploaded to the cloud. Cloud data-in-transit encryption most commonly uses the HTTPS protocol. Many cloud service providers encrypt data by default or at the click of a button, and they also offer encryption keys so that data may be safely decrypted as needed (Lord, 2018). Encrypting data on the public cloud is strongly recommended to protect it from attackers. Though cloud service providers have made it easier to manage keys and encrypt data, some organizations take it a step further by encrypting their data prior to transferring it into the cloud. For example, Office 365 is a cloud platform that encrypts data messages that are being sent. This type of cloud encryption is recognized within business industries as being compliant with regulators such as FINRA. When decrypting the data, a decryption key is required. The quantum key is a system for advanced data encryption. Many top cloud providers, one being Azure, have implemented this method, which is called cryptographic cloud services. Amazon AWS has encryption which is called Amazon S3, where SSE and AWS management services have embedded encryption keys. Cloud providers have made it a top priority to encrypt all data consistently: data that is being transmitted, data that is being backed up, and data that is stored. An essential need for the end-user is to secure their encryption keys.
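The two encryption controls discussed above, encryption of stored data and HTTPS for data in transit, can be checked per storage bucket. The following is an added example, not part of the original paper: it audits constructed bucket settings shaped like the S3 GetBucketEncryption and GetBucketPolicy responses, and the bucket names and the approved-algorithm set are assumptions.

```python
import json

# Constructed sample input shaped like S3 GetBucketEncryption / GetBucketPolicy
# responses; the bucket names are hypothetical.
BUCKETS = {
    "pii-data": {
        "encryption": {"Rules": [{"ApplyServerSideEncryptionByDefault":
                                  {"SSEAlgorithm": "aws:kms"}}]},
        "policy": json.dumps({"Version": "2012-10-17", "Statement": [{
            "Effect": "Deny", "Principal": "*", "Action": "s3:*",
            "Resource": ["arn:aws:s3:::pii-data", "arn:aws:s3:::pii-data/*"],
            "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}),
    },
    "offer-exports": {"encryption": None, "policy": None},
}
APPROVED_SSE = {"AES256", "aws:kms"}  # assumed policy: SSE-S3 or SSE-KMS

def encrypted_at_rest(encryption):
    """True when a default SSE rule with an approved algorithm is configured."""
    rules = (encryption or {}).get("Rules", [])
    return any(r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
               in APPROVED_SSE for r in rules)

def tls_enforced(policy_json):
    """True when a statement denies all S3 actions for requests not sent over TLS."""
    if not policy_json:
        return False
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be a bare object
        statements = [statements]
    for s in statements:
        flag = s.get("Condition", {}).get("Bool", {}).get("aws:SecureTransport")
        if (s.get("Effect") == "Deny" and s.get("Principal") in ("*", {"AWS": "*"})
                and s.get("Action") in ("s3:*", "*") and str(flag).lower() == "false"):
            return True
    return False

def audit(buckets):
    """Return {bucket_name: [missing controls]} for every non-compliant bucket."""
    findings = {}
    for name, cfg in buckets.items():
        issues = []
        if not encrypted_at_rest(cfg.get("encryption")):
            issues.append("no default server-side encryption")
        if not tls_enforced(cfg.get("policy")):
            issues.append("plain-HTTP requests not denied")
        if issues:
            findings[name] = issues
    return findings
```
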
Due to the benefits of the public cloud being accessible, there is the threat of vulnerabilities. Therefore, there is a need for the public cloud to implement complex and rigid security tools. One of the tools that I use for the public cloud is the vulnerability scanning tool. The vulnerability scanning tool scans things such as the host, network, and database. Some scanning tools used on these platforms are OpenSCAP, Arachni, Acunetix, Nmap, Nikto2, Netsparker, and OpenVAS, all open-sourced.

Some of the larger cloud service providers, such as AWS and Azure, provide protection tools that monitor activity and unusual behaviors in the account. The threat protection tool that AWS utilizes is called GuardDuty and can be enabled with just one click. It analyzes things such as CloudTrail logs, DNS logs, and VPC flow logs. Any threat that is detected will raise an alert as well as trigger automated remediation. This is also an on-demand tool that monitors malicious activity continuously. It also uses machine learning and integrated threat intelligence to identify threats as well as act on the most critical threats.

Microsoft Azure has a security center set up to manage threat protection and infrastructure security for the cloud. This security center provides the end-user with a score as to how their infrastructure is rated for security. In addition to the score, there is a list of issues to address and their priorities. Azure will also alert you in the event of system threats, and the center will warn you if the storage data is not encrypted. With conditional access controls you can automatically block out any offender or offer adaptive remediation actions, which reset passwords and enforce multi-factor authentication.

Vulnerability scanning tools for the public cloud are set to monitor applications and networks so that you can identify security vulnerabilities. It is necessary to maintain an up-to-date database of known vulnerabilities so that you are aware of any potential threats. The organization uses these scans to test the applications and networks periodically. Scanners usually produce analytic reports that detail the state of the network or application's security and provide suggestions to mitigate any issues.

Nessus is one of the top vulnerability scanning tools and is considered the "de-facto industry standard for vulnerability assessment" (2021). This system performs real-time assessments to help professionals identify and fix vulnerabilities quickly. It also assists with software flaws, malware, and missing patches. It is compatible with multiple operating systems, devices, and applications.

BurpSuite is another top global security software tool that provides vulnerability scanning for web applications. It is used across many different industries and sectors. This is an advanced tool that finds exploitable vulnerabilities within web applications. It can be used to test various reports on a large scale for vulnerabilities, including SQLi, XSS, and the whole OWASP Top 10.

IBM Security QRadar is another security vulnerability tool that accurately detects and prioritizes the business's most critical threats. This vulnerability scanning tool scans the network, endpoints, user data, cloud, and assets against vulnerable information and threat intelligence. In the event that a threat is detected, AI-powered investigations deliver rapid, intelligent insight into the origin of the threat so that the organization can upgrade its level of security.

Cloud-native security services for a public cloud are where applications are developed to capitalize on the cloud infrastructure's benefits. Cloud provides application development, limitless computing, and scalability enhancements that are accessible on demand. AWS offers cloud-native security on their public cloud services.
AWS customers can benefit from the data centers and the network architectures that protect their information, applications, devices, and
devices. AWS provides assistance to improve core security as well as to meet compliance requirements. These are features that offer protection, confidentiality, and data locality. This system can also be automated to perform security tasks, which helps move the focus to scaling and innovation activities. Here are some of the tools that are offered by AWS:

Data protection - AWS delivers services that help you safeguard your data, accounts, and workloads from unauthorized access. AWS data defense services offer encryption, key management, and threat detection that constantly monitors and protects accounts and workloads.

Infrastructure protection - AWS defends web applications by filtering traffic based on rules that you create. For instance, you can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, which permits you to block typical attack patterns, such as SQL injection or cross-site scripting.

Identity & access management - AWS Identity Services allow you to manage identities, resources, and permissions and to scale securely. For the applications that are running on AWS, you can use fine-grained access controls that grant your staff, applications, and devices the clearance needed for AWS services and resources with deployed governance guardrails.
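The rule-based request filtering described under "Infrastructure protection" can be sketched as an ordered rule list matched against the source IP, a header, and the decoded URI and body. This is an added example, not part of the original paper and not AWS WAF's own rule syntax; the rule names, signatures, and sample requests are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote_plus

# Illustrative rule set (an assumption, not AWS WAF's own rule syntax).
# Rules run in order and the first match blocks the request.
RULES = [
    {"name": "blocked-network", "field": "ip", "cidr": "203.0.113.0/24"},
    {"name": "scanner-user-agent", "field": "header:user-agent",
     "regex": r"(?i)\bnikto\b"},
    {"name": "sqli-signature", "field": "uri+body",
     "regex": r"(?i)\bunion\b.+\bselect\b|'\s*or\s+'?\d+'?\s*=\s*'?\d+"},
    {"name": "xss-signature", "field": "uri+body",
     "regex": r"(?i)<\s*script\b|javascript:"},
]

# Constructed sample requests (documentation address ranges, made-up paths).
REQUESTS = [
    {"ip": "198.51.100.7", "uri": "/offers?id=42", "headers": {}, "body": ""},
    {"ip": "203.0.113.9", "uri": "/offers?id=42", "headers": {}, "body": ""},
    {"ip": "198.51.100.7", "uri": "/offers?id=1%27%20OR%20%271%27%3D%271",
     "headers": {}, "body": ""},
    {"ip": "198.51.100.7", "uri": "/feedback", "headers": {},
     "body": "note=%3Cscript%3Ealert(1)%3C%2Fscript%3E"},
]


def field_value(request, field):
    """Extract the part of the request a rule inspects."""
    if field == "ip":
        return request["ip"]
    if field.startswith("header:"):
        return request["headers"].get(field.split(":", 1)[1], "")
    # Decode URL-encoding first so %27 or %3C cannot hide a payload.
    return unquote_plus(request["uri"]) + "\n" + unquote_plus(request["body"])


def evaluate(request, rules=RULES):
    """Return ("BLOCK", rule_name) for the first matching rule, else ("ALLOW", None)."""
    for rule in rules:
        value = field_value(request, rule["field"])
        if "cidr" in rule:
            hit = ipaddress.ip_address(value) in ipaddress.ip_network(rule["cidr"])
        else:
            hit = re.search(rule["regex"], value) is not None
        if hit:
            return ("BLOCK", rule["name"])
    return ("ALLOW", None)
```

Signature rules of this kind are coarse and produce false positives and negatives, so they complement input validation and parameterized queries in the application rather than replace them.
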
Reference

(2021). Retrieved 14 March 2021, from https://www.g2.com/categories/vulnerability-scanner

AWS. (2000). AWS Cloud Security. Retrieved 14 March 2021, from https://aws.amazon.com/products/security/?nc=sn

Behl, A. (2011, December). Emerging security challenges in cloud computing: An insight into cloud security challenges and their mitigation. In 2011 World Congress on Information and Communication Technologies (pp. 217-222). IEEE.

Lee, K. (2012). Security threats in cloud computing environments. International Journal of Security and Its Applications, 6(4), 25-32.

Lord, N. (2018, September 11). What Is Cloud Encryption? Retrieved 14 March 2021, from https://digitalguardian.com/blog/what-cloud-encryption

Khan, N., & Al-Yasiri, A. (2018). Cloud security threats and techniques to strengthen the cloud computing adoption framework. In Cyber Security and Threats: Concepts, Methodologies, Tools, and Applications (pp. 268-285). IGI Global.

McKendrick, J. (2019, August 17). Cloud security is too important to leave to cloud providers. Retrieved 14 March 2021, from https://www.zdnet.com/article/cloud-security-is-too-important-to-leave-to-cloud-providers/

Robb, D. (2019, July 30). Top Vulnerability Scanning Tools. Retrieved 14 March 2021, from https://www.esecurityplanet.com/network-security/vulnerability-scanning-tools.html

Shaikh, F. B., & Haider, S. (2011, December). Security threats in cloud computing. In 2011 International Conference for Internet Technology and Secured Transactions (pp. 214-219). IEEE.