Five best practices to ensure cloud computing security

If we look back, we will find that 2014 years is likely to be the year of the most significant security breaches ever reported.

It can be said that the lawless elements have been armed to the teeth, but although many criminals at the technical level has indeed made great progress, but it seems to me that the real striking is that the existing security practices and technology could have prevented many such leaks.

Many unfortunate companies are caught in a common trap, often referred to as "compliance is safe" mentality. The idea is that if the company spares no effort to comply with any laws, including the Health Insurance Portability and Accountability Act (HIPAA) and the payment card Industry Data security Standards (PCI), it will actually be "safe". Sadly, that is far from the case. As with many kinds of statutes, complying with the law actually means giving very little absolute effort.

This is not brokered rules, and compliance is really important. Even with the greatest effort, you will never be able to secure 100%. But if cloud services want to give themselves the greatest chance of avoiding the very serious consequences of a major leak, they should now do well in these five practices.

1. Continuously ensuring visibility

First, companies need to ensure 100% visibility and keep abreast of their technical assets and services. In short, if you do not understand the situation, protection will not be discussed. Always understand what assets or services you have and how they work. This sounds extremely basic, but ensuring visibility can be a challenge, given the automation, resilience, and on-demand nature of modern virtual infrastructures. Once you get a sense of the infrastructure, applications, data, and users, you can begin to understand how to limit the scope of the attack and more effectively prevent or mitigate the attack.

2. Risk Management

This means adding context for visibility and transparency in the first best practice. Once transparency is achieved, companies need to eliminate obvious security vulnerabilities (outdated workstations and mobile devices, etc.) that are known to exist within the corporate network. The key to mitigating exposure risks at this level is the use of constantly monitored tools, as well as strong security vulnerabilities and security configuration management techniques and practices.

3. Strong access Control

This best practice seems self-evident, but often improperly implemented. While many companies do implement access control measures, they often grant unnecessary access. In recent leaks, an effective access control ID has been used to break into a system that has nothing to do with a person's functional department. They have access, simply because of the level they have in the business, even though they do not actually need that kind of access to get the job done. Make sure you implement the appropriate access management and authority monitoring mechanisms. The concept of least privilege is critical in this regard and it is also important to constantly monitor user activity to ensure that it is not contrary to your business policy.

4. Data protection and encryption

Once you have established strong access control mechanisms to ensure visibility and mitigate known vulnerabilities, you need to encrypt all data that you know is sensitive. Look back on some of the leaks before. You can find out which categories of data you need to protect and what priorities you need. This usually means protecting "static data" and "Dynamic Data," but also implementing technologies such as data Loss Prevention (DLP) to ensure that data is not sent outside the corporate network in the event of a compromise.

5. Crisis management

Few companies have policies and procedures in place to quickly respond to data leaks and mitigate damage. In a word, even if the use of sound security practices, leaks will occur, this is not "will not happen" problem, but "when will happen" problem. In order to protect against this situation, the company will implement the corresponding process and technology, so that they can quickly respond to mitigate any security breaches of the adverse impact of the incident. This means knowing that you have been attacked and what can be done to limit its impact. The techniques involved include: file integrity monitoring, intrusion detection and forensic data for post analysis. Develop a set of action plans before the leaks occur and follow the action plan once the leaks are detected.

No matter which industry you are engaged in or how many cloud services you use, your business should implement these five major security elements and act as part of your daily work. Remember: compliance is not equal to safety. It represents only the most basic protection. Compliance is powerless to deal with abnormal security or advanced persistent threats (APT): In this case, hidden malware can cause a security breach for a long time.