What is Cloud Security?
Two terms are central to explaining cloud security: security OF the cloud and security IN the cloud.
The cloud provider is responsible for “Security of the Cloud”, which means protecting the infrastructure that runs all of the services offered in the cloud. That infrastructure is composed of the hardware, software, networking, and facilities that run the provider's cloud services.
The customer is responsible for “Security in the Cloud”, which means the responsibility is determined by the cloud services the customer selects. It also varies with the service model they choose, which determines the amount of configuration work the customer must perform as part of their security responsibilities. For example, customers have more responsibility if they subscribe to Infrastructure as a Service (IaaS).
Moving to the cloud does not free users from their security responsibilities; instead it increases them. When you deploy an application to the cloud, that application is potentially accessible from anywhere in the world, and depending on the data classification, that exposure attracts more threats from external users. Design your application with proper authentication and authorization to protect access, and take the necessary measures to protect the entire network you manage in the cloud with firewalls, policies, and other security monitoring tools.
Ways to mitigate cloud security threats
To mitigate security threats, it is better to first understand the possible security risks. The Open Worldwide Application Security Project (OWASP), a nonprofit foundation that works to improve the security of software, lists the top ten categories of web application security risks in the OWASP Top Ten.
Below are mitigations you can plan against these risks.
Start security thinking from the design itself
Authentication: Implement a solid authentication solution for your cloud applications.
Authorization: Always follow the least privilege policy and use Role Based Access Control (RBAC).
Encryption: Use encryption at rest and in transit. Always secure data transfer using the latest TLS version (currently TLS 1.3).
Session timeout: Limit session duration by implementing timeout.
Secure client applications from injections
Avoid using wildcard TLS certificates; instead, use a certificate issued for the complete domain name only.
Protect all API requests with authentication and API keys, and restrict access to the targeted URLs only.
Always use SFTP for file transfer
Encrypt PII data, if any
Use logging and other available tools and techniques to detect security threats, and keep fine-tuning the security measures.
Have safe cloud computing.
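As an added illustration that is not part of the original post, the Python below sketches three items from the list above: deny-by-default RBAC with least privilege, session expiry with both idle and absolute timeouts, and a client TLS context that refuses anything older than TLS 1.3. The role names, permissions and timeout values are constructed for the example.

```python
import ssl
import time
from dataclasses import dataclass

# Constructed role table for a hypothetical application: each role maps to
# the minimal set of permissions it needs; anything not listed is denied.
ROLE_PERMISSIONS = {
    "viewer": {"report:read"},
    "analyst": {"report:read", "report:export"},
    "admin": {"report:read", "report:export", "user:manage"},
}


def authorize(roles, permission):
    """Deny by default: allow only if an assigned role explicitly grants the permission."""
    return any(permission in ROLE_PERMISSIONS.get(role, set()) for role in roles)


@dataclass
class Session:
    user: str
    created_at: float   # epoch seconds when the session was issued
    last_seen: float    # epoch seconds of the last authenticated request


IDLE_TIMEOUT = 15 * 60        # seconds of inactivity before the session expires
ABSOLUTE_TIMEOUT = 8 * 3600   # hard cap on lifetime, regardless of activity


def session_is_valid(session, now=None):
    """A session is valid only while it is both recently used and not too old."""
    now = time.time() if now is None else now
    if now - session.created_at > ABSOLUTE_TIMEOUT:
        return False
    if now - session.last_seen > IDLE_TIMEOUT:
        return False
    return True


def tls13_client_context():
    """Client context that requires TLS 1.3 and verifies the server certificate and hostname."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx
```

Call `session_is_valid` on every request and `authorize` before every privileged action; the TLS context is passed to whatever client (for example `urllib` or `http.client`) makes outbound calls.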