How to combat insider threats as organizations increasingly rely on cloud computing for telecommunications – NewsDio

Cloud providers, including Microsoft, Google, and others, have recently acknowledged that they are struggling to cope with an increase in the use of remote tools.

As organizations hastily adapt to remote work, they may fail to ensure adequate data security. In particular, using the cloud increases the risk of insider threats: according to a recent report, 53% of organizations believe that detecting insider attacks is significantly more difficult in the cloud than on-premises. Implementing appropriate measures to mitigate the insider threat and protect data in the cloud has therefore never been as important for organizations as it is today.

First, remote employees use cloud applications to exchange data, including sensitive data, and could misplace it in insecure locations, which could lead to a compliance violation. For example, sharing sensitive data through Microsoft Teams, an increasingly popular application for telecommuting, results in that data spreading across SharePoint Online storage, with a high risk of unauthorized access. In fact, 39% of UK respondents to our recent survey are confident that employees in their organizations share sensitive data through cloud applications outside of IT control.

Second, remote employees often work from personal devices that are not controlled by the corporate IT team and are therefore more prone to data breaches than their corporate PCs. Such devices are often unpatched and so vulnerable to cyber threats. Once an attacker has a foothold on the employee's device, they have a "remote control" and can observe and take advantage of any outbound connections from it. Essentially, they can gain access to all corporate cloud services that the user connects to, or even to the local corporate network as soon as the user establishes a VPN connection or a remote desktop (RDP) session to any internal server.

Additionally, an employee may lose their device or let other family members use it, resulting in unauthorized access. In some rare cases, employees copy confidential data to their personal devices from corporate cloud storage with malicious intent, which is also a serious security risk.

Under normal circumstances, before asking employees to work from home, an organization should ideally develop appropriate security policies with a specific focus on cloud security. First, it is essential to ensure that all user permissions for storage holding confidential data are granted on a "need to access" basis, to prevent insiders from accessing information they do not need to do their job.

In addition, it is important to establish effective access controls, as well as efficient identity verification methods such as multi-factor authentication, which will also protect organizations' confidential data in the cloud from unauthorized access.

And last but not least, it is critical that the IT department train employees on the "dos" and "don'ts" of the cloud, starting with the principles of dealing with sensitive data and ending with instructions for patching and protecting their personal devices. All of these measures need to be implemented on an ongoing basis, with the IT team ready to assist employees with any issues when they work from home, be it an operational or security issue.

If an organization does not know where its confidential data resides in the cloud, it cannot guarantee that remote employees follow security policies. This is particularly challenging since modern organizations use multiple clouds.

In fact, McAfee has calculated that an average business uses around 1,427 different cloud services, while an average employee actively uses 36 cloud services at work. The more cloud services remote employees use, the harder it is for an organization's IT team to track how they handle data. This means an increased risk of misplacing confidential data, and of the bad publicity and compliance findings that come with it. To reduce data overexposure, it is essential to have technologies that automatically discover sensitive data across multiple cloud storage repositories and continually classify it according to its sensitivity.

Since the cloud is prone to a wide range of threat vectors for data breaches by insiders, it is vitally important that an organization detect these cases in a timely manner. Is it malware trying to break into the corporate network, or is it someone with the intention of stealing the customer database? All these security risks in the cloud, and many others, are accompanied by anomalies in user activity. Therefore, if an organization uses cloud computing and cloud storage, it is important to have user behavior analysis (UBA) technologies that can detect deviations from normal user behavior and alert the IT team about possible threats in the cloud.

Examples of the most common anomalies that indicate a threat include abnormal login activity (such as attempts to log in from multiple endpoints, multiple subsequent logons in a short period of time, and an unusually high number of login failures) and data access patterns that differ from the past behavior of the user or that of their peers. It is important to note that switching from office work to remote access will likely cause initial changes in user access patterns. Businesses can expect higher-than-normal numbers of false positives from machine learning-based behavioral anomaly detection solutions in the first few weeks after users move out of their headquarters.
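The three login anomalies listed above can be expressed as simple sliding-window rules. The following sketch is an added example, not code from the article or from any UBA product; the event format, the thresholds and the sample sign-in records are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events: (ISO timestamp, user, endpoint, result).
SAMPLE_EVENTS = (
    [("2020-04-01T09:00:00", "alice", "laptop-1", "success"),
     ("2020-04-01T13:30:00", "alice", "laptop-1", "success")]
    + [(f"2020-04-01T10:0{i}:00", "bob", "home-pc", "failure") for i in range(4)]
    + [(f"2020-04-01T11:0{i}:00", "carol", f"device-{i}", "success") for i in range(3)]
    + [(f"2020-04-01T12:0{i}:00", "dave", "tablet-1", "success") for i in range(6)]
)

# Assumed thresholds; tune them against your own baseline of normal activity.
WINDOW = timedelta(minutes=10)
MAX_ENDPOINTS = 2   # distinct endpoints per user inside one window
MAX_LOGONS = 5      # successful logons per user inside one window
MAX_FAILURES = 3    # failed logons per user inside one window


def detect_login_anomalies(events, window=WINDOW):
    """Return {user: set of anomaly labels}, using a per-user sliding window."""
    by_user = defaultdict(list)
    for ts, user, endpoint, result in events:
        by_user[user].append((datetime.fromisoformat(ts), endpoint, result))

    findings = defaultdict(set)
    for user, rows in by_user.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Advance the left edge until the window spans at most `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            in_window = rows[start:end + 1]
            endpoints = {ep for _, ep, _ in in_window}
            successes = sum(1 for _, _, r in in_window if r == "success")
            failures = sum(1 for _, _, r in in_window if r == "failure")
            if len(endpoints) > MAX_ENDPOINTS:
                findings[user].add("multiple_endpoints")
            if successes > MAX_LOGONS:
                findings[user].add("logon_burst")
            if failures > MAX_FAILURES:
                findings[user].add("excessive_failures")
    return dict(findings)


if __name__ == "__main__":
    for user, labels in sorted(detect_login_anomalies(SAMPLE_EVENTS).items()):
        print(user, sorted(labels))
```

Fixed thresholds like these are the part most affected by the move to remote access, so they should be re-baselined once users' new access patterns have settled.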

Such measures will help organizations minimize insider threats in the cloud not only during the world's "biggest work-from-home experiment," as Time has called the COVID-19 outbreak, but also when it comes to an end. With an economic downturn likely to follow, cloud computing will continue to be a profitable way to run a business. A sustainable approach to cloud security will allow organizations to avoid unwanted data breaches and heavy long-term compliance penalties.

Matt Middleton-Leal is General Manager of EMEA and APAC at Netwrix
