In the wake of recent cyber-attacks, businesses are stepping up their interest in security specifically regarding their cloud infrastructure.
The first step to ensuring your company stays out of the cyber-attack headlines is to understand the most common threats to your cloud infrastructure. We look at six of these in this two-part post.
System vulnerabilities
The exploitation of system vulnerabilities is not a new phenomenon however it is something that continues to happen as we’ve seen with the recent spate of worldwide cyberattacks. Fortunately, these attacks can be mitigated with basic IT processes. Best practices include regular vulnerability scanning, prompt patch management, and quick follow-up on reported system threats.
Hacked interfaces
Practically every cloud service and application now offers APIs. With that said weak interfaces and APIs expose organisations to security issues related to confidentiality, integrity, availability, and accountability. APIs and interfaces are often the most exposed part of a system because they’re usually accessible from the open Internet. Ensure that you have adequate controls in place to mitigate this risk.
Malicious insiders
From disgruntled employees to business partners the insider threat has many faces. An insider hell-bent on data theft or revenge can destroy whole infrastructure or manipulate data with ease in a vulnerable cloud environment. To protect yourself control the encryption process, segregate duties and minimise the access given to users. When insiders move on ensure that you cancel all access to company data and change passwords and access codes where necessary.