Radware: The five most urgent security problems in cloud computing

Source: Internet
Author: User
Keywords: cloud computing, cloud security

As companies accelerate their adoption of cloud technology, using new models such as infrastructure as a service (IaaS) or software as a service (SaaS), the need for solutions that secure access and keep operations reliable in a cloud architecture is becoming increasingly evident. Because enterprise data now sits on different devices supplied by different providers or partners, the enterprise must monitor and protect new "security boundaries". Likewise, deciding how to protect cloud-based data should be part of the enterprise's overall security strategy. Protecting applications from distributed denial of service (DDoS) attacks is the most noteworthy concern.

In a recent real-world attack on the source code hosting provider code MSN, the attacker used a combination of tools to compromise code MSN's entire architecture, which was based on Amazon Web Services (AWS). The threat began when an attacker attempted to extort code MSN in exchange for stopping a multi-vector DDoS attack against it. In the end, the attacker took control of code MSN's AWS console and deleted virtually all data stored in the cloud. The resulting data loss and the cost of SLA remediation mean that code MSN can no longer operate.

Outcomes like this are uncommon, but they illustrate an important point: an enterprise that plans to migrate to the cloud needs a rigorous plan for dealing with the proliferation of DDoS attacks and the growing threat they pose. Most businesses do not believe they will become victims of DDoS attacks, so deploying appropriate defenses always ends up last among the priorities when IT budgets are drawn up. In fact, most businesses lack detection tools, so they do not know how many attacks have successfully compromised their digital assets. IaaS and SaaS providers should be able to build robust security defenses that help businesses cope with DDoS attacks.

Customers should also evaluate the DDoS mitigation capabilities of cloud providers while proactively taking appropriate defensive measures of their own. Bill Lowry, director of cloud services at Radware, who has long worked in cloud computing, describes in his article the problems of applying a DDoS mitigation strategy to cloud-based solutions and the five major security issues that need to be addressed in cloud computing.

Protect new enterprise boundaries

In the past, businesses simply focused their security on the data center perimeter. Adopting cloud technology means that enterprise data and applications are distributed across multiple data centers, creating new security boundaries that have to be protected in more places. So how does an enterprise defend every location that holds its data?

Technology implementation: Many cloud service providers test or deploy technologies that detect distributed denial of service attacks, but most of these technologies rely on sampled network data. Inline deployment inspects all inbound and outbound traffic, providing the most comprehensive detection and mitigation of DDoS attacks. When evaluating cloud service providers, users also need to know which tools the provider uses for DDoS detection.

Maintain availability

By definition, cloud technology is a remote access technology. If the enterprise's cloud service provider suffers a severe DDoS attack, network access to the service is blocked, which is equivalent to the enterprise application being "down". What will the enterprise's cloud service provider do to prevent this from happening?

Technology implementation: Cloud service providers should deploy combined cloud and on-premises DDoS mitigation tools. This hybrid approach provides the best possible protection: locally deployed hardware can detect and mitigate attacks while also automatically diverting attack traffic to a cloud scrubbing center. The scrubbing center must be able to handle hundreds of GB of attack traffic so that the cloud service provider is better able to protect enterprise resources and business operations.

Isolation between tenants

Attackers can buy cloud services just like ordinary users. So how can enterprise data be protected from threats inside the cloud environment?

Technology implementation: Users can deploy security tools to protect the servers they run in the cloud. Web application firewalls can detect and block attacks against a server even when they come from the same cloud architecture as the server. In addition, future deployments of software-defined networking (SDN) will let providers use the network itself to detect attacks. Security technology that works with the SDN controller can look for suspicious data flows and redirect them to defensive devices for scrubbing, while normal data flows continue to be routed across the network along their usual paths.

Mass customization of security tools

To set competitive prices in the cloud computing market, most providers choose to create generic protection profiles that suit most users, which keeps the cost of the solution down. So how does a cloud service provider with a common security protocol meet specific security requirements?

Technology implementation: Cloud service providers can and should provide universal, comprehensive protection for their entire customer base. However, they should also be able to provide security tools that establish protective measures tailored to each user's security situation. Make sure that users can customize the security tools offered by the cloud service provider to meet their specific needs.

Small is big

Every week, headlines report the latest mega-traffic attacks on big banks or reputable websites. However, only about 25% of DDoS attacks are large traffic attacks. How can cloud service providers help businesses cope with these massive traffic attacks?

Technology implementation: Unlike large traffic attacks, small traffic attacks do not instantly saturate Internet bandwidth. Instead, they target the key devices that support enterprise applications: firewalls, load balancers, IPS, and servers. These attacks require only a small amount of bandwidth, so little that the operator may not even notice an increase in traffic. These slow attacks, which focus on resource exhaustion or application vulnerabilities, are usually not detected by tools designed to detect large traffic attacks. Before migrating to the cloud, make sure that your cloud service provider can offer solutions that help users detect and mitigate such small traffic attacks.
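The detection gap described above can be shown with a short added example (not from the original article or from Radware): a bandwidth-threshold check and a per-source slow-connection check are run over the same constructed connection table. The record fields, thresholds and IP addresses are assumptions chosen for illustration.

```python
from collections import Counter, namedtuple

# One entry per connection seen at a load balancer (constructed sample data).
Conn = namedtuple("Conn", "src age_s bytes_in complete")

WINDOW_S = 60                # observation window in seconds (assumed)
VOLUME_ALERT_BPS = 100e6     # volumetric alert at 100 Mbit/s (assumed)
SLOW_MIN_AGE_S = 30          # an unfinished request older than this is suspect
SLOW_MAX_BYTES_PER_S = 50    # ...if the client is also sending this slowly
SLOW_MAX_PER_SRC = 20        # tolerated slow connections per source

def build_sample():
    """300 normal short requests plus 2 sources each holding 400 slow ones."""
    legit = [Conn(f"198.51.100.{i % 200 + 1}", 0.5, 800, True)
             for i in range(300)]
    slow = [Conn(src, 50.0, 250, False)
            for src in ("203.0.113.10", "203.0.113.11") for _ in range(400)]
    return legit + slow

def volumetric_alert(conns):
    """Classic bandwidth check: total inbound bits per second vs. threshold."""
    bps = sum(c.bytes_in for c in conns) * 8 / WINDOW_S
    return bps >= VOLUME_ALERT_BPS

def is_slow(c):
    """Long-lived, incomplete request that trickles data in."""
    return (not c.complete and c.age_s >= SLOW_MIN_AGE_S
            and c.bytes_in / c.age_s <= SLOW_MAX_BYTES_PER_S)

def slow_sources(conns):
    """Sources holding more slow connections than the per-source limit."""
    counts = Counter(c.src for c in conns if is_slow(c))
    return {src: n for src, n in counts.items() if n >= SLOW_MAX_PER_SRC}

def table_pressure(conns):
    """Fraction of the connection table occupied by slow connections."""
    return sum(1 for c in conns if is_slow(c)) / len(conns)

if __name__ == "__main__":
    conns = build_sample()
    print("volumetric alert:", volumetric_alert(conns))
    print("slow sources:", slow_sources(conns))
    print("table pressure: %.2f" % table_pressure(conns))
```

The sample traffic averages well under 0.1 Mbit/s, so the bandwidth check stays silent even though most of the connection table is held by two sources.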
