Thoughts on Cloud security

Thoughts on Cloud security

Cloud security   /   Jun 1st, 2018   /  A+ | a-
More and more businesses are moving to cloud apps like Salesforce, Microsoft Office 365 and Dropbox from traditional in-house managed systems. While offering reduced costs and effect in managing these environment, security controls often lag behind. GDPR regulations introduced in May 2018 mean that positive control over where data is stored and who accesses it needs to be thoroughly re-examined.

So, security and legal concerns are, rightly, foremost considerations when implementing or migrating to cloud services. Key to mitigating these areas are the following aspects:
  1. While the cloud service providers implement security, it still needs the someone to control and monitor who accesses the systems and data
  2. This leads to the second aspect which is that since access to cloud services is at a user level, this means that it can be difficult to enforce password policies -ie, passwords could be weak or even shared between users
  3. Cloud services are there to allow sharing of data, if this is not controlled then the wrong users could get access to data they should not be seeing
If you add these factors to the fact that cloud services are accessible from anywhere on the internet, it means that hackers are able to target your systems and data.

The solution to these problems, and indeed the proliferation of cloud service usage, is have some way of easily, centrally managing the risk. Enter the "CASB": Cloud Access Security Broker.

CASB systems are able to three key things
  • Firstly, discover and see of all cloud applications used by your users
  • Secondly, provide security access controls for allowed cloud services such as Salesforce, Office365 and Dropbox (and preventing use of non-allowed services)
  • Finally Protect against malware and other cloud threats
1stAdvance offers options for cloud security management here
Top