Author: Johnty Mongan
Online-based infrastructure, applications and platforms (otherwise known as ‘the cloud’) are widely used by organisations and individuals to store and back up data. The security of these services can depend on the individual cloud service provider, and each provider makes security recommendations for running workloads securely in their environment.
However, the implementation of security processes should be a joint responsibility between the cloud provider and the user.
Over 98% of organisations use some form of cloud-based infrastructure.1
In 2022, 57% of businesses moved their work to the cloud.2
85% of organisations with large cloud footprints said their sensitive data has been exposed in the cloud.3
How does cloud security work?
Cloud security consists of a set of policies, procedures, controls and technologies that work together to protect cloud-based systems and the data held within them. These security measures support regulatory compliance, with data stored in the cloud typically encrypted, and authentication rules set for individual users and devices. Cloud security can be configured to the specific needs of the business in order to ensure data and applications are readily available only to authorised users with a ‘digital key’.
Common cloud security risks
According to a report by software provider, Check Point, in the last 12 months, 27% of organisations have experienced a security incident in their public cloud infrastructure.4
This demonstrates that while cloud-based systems are designed for robust data security, there is still potential for the risk of data breaches if security is compromised. Some of the main threats include:
- Data loss and breaches: The loss of data due to cyber incidents (such as ransomware attacks) or human error, or the leaking of sensitive data caused by security misconfigurations.
- Distributed Denial of Service (DDoS) attacks: An attack by a threat actor to disrupt the online systems and services of the organisation, overwhelming the systems to destroy its ability to function.
- System vulnerabilities: If an organisation’s cloud deployment shares a physical server with other cloud resources that are not trusted/secure, it could result in potential software vulnerabilities being exploited if sensitive data is held within a shared physical memory.
- Access management issues: Mismanagement of access credentials can enable threat actors to access user accounts with malicious intent.
- Insider threats: A disgruntled employee with system administrator access could potentially compromise an organisation’s cloud security.
- Insecure Application Programming Interfaces (APIs): Cloud security providers allow API access to their product for automation of a cloud deployment. If these APIs are not secure, cloud security can be compromised.
However it happens, experiencing a cyber incident or data breach due to vulnerabilities in your cloud security systems can have serious implications for your organisation. In the UK, companies who breach UK GDPR and/or the Data Protection Act can find themselves facing substantial fines on top of potential breach response/remediation costs and reputational damage.
How Gallagher can help
Gallagher Cyber Risk Management team works with businesses of all sizes to strengthen their cybersecurity, including in cloud-based environments. We can carry out a cloud security audit for your organisation, which is a non-intrusive review of your cloud computing systems. Through this process, we can help to identify risks, weaknesses and vulnerabilities—allowing us to provide remediation advice in order to strengthen your cloud security posture.
We can perform the audit for a number of products, namely Amazon Web Service (AWS), Microsoft Azure and Microsoft Office 365. To find out more about what the audit involves and how it works, please get in touch.