Chris Waynforth at Imperva sets out the essential principles that support moving to the cloud securely.
Is your organisation one of the 88% that uses cloud computing in some capacity? If yes, you might have a lingering data security issue on your hands.
By 2023, industry analysts predict that 75% of databases will be hosted in a cloud platform. Over the past 12 months, IT transformation was accelerated by the need to adapt for remote work amid a global pandemic. In fact, it’s believed that two years of digital transformation were compressed into roughly two months.
Cloud remains a foundational IT investment for companies of all sizes that want to reduce infrastructure costs and accelerate digital transformation. However, with more cloud usage come greater data security risks.
Plan for new cloud data security risks
Too often, organisations migrate data to the cloud and assume data security is the responsibility of the cloud provider. Unfortunately, that’s fake news. Organisations mistakenly believe their cloud providers have visibility and oversight into how sensitive data is being protected. Through 2025, it’s believed that at least 95% of cloud security failures will be the fault of the company using the cloud service.
In a shared responsibility model, security teams must take ownership of legacy data security concerns and must also account for potential vulnerabilities in new cloud environments. Further, there’s the added challenge of understanding where the data lives. Most security teams are doing little more than managing the collection of raw data, but that doesn’t fulfill compliance requirements.
Companies increasingly store data in dozens of diverse databases or data lakes. In a rush to reap the benefits of the cloud, many overlook the potential gaps or vulnerabilities associated with the technology. As Imperva researchers discovered, misconfigurations in public clouds can quickly lead to a compromise.
Understand the responsibility of data
To avoid becoming headline news, businesses need to understand exactly what the responsibilities are for securing data before migrating it to the cloud.
Cloud service providers will do their best to ensure there are no flaws in their overall systems that would allow a breach, but the data stored in the cloud is ultimately your responsibility. Many companies overlook the need to set strong passwords, authenticate users, manage user privileges and even encrypt the data, assuming the cloud provider is providing that service as a default. This gap is cause for concern and puts the business’ sensitive information at risk.
Over the past 12 months, many IT teams moved systems to a public cloud. The benefits, on paper, are too numerous to count: lower costs, greater scalability and low maintenance, just to name a few. However, there’s also a dark underbelly to public cloud environments. With a simple click, the entire environment can be publicly exposed and accessible to bad actors.
Imperva Research Labs estimates there are millions of publicly open databases today. If a database is not protected, it could be a matter of hours until its data is compromised by a dictionary attack, malware, backdoor or database probing. What can your business do to avoid this fate and create a robust data security strategy?
Assign the right tools for the job
It starts with a solution that enables you to detect and react to dangerous user activity that puts your business at risk, wherever the data lives. Simply meeting compliance regulations does not provide real security for your data. Individuals and organisations need to understand where the data resides, who has access to it and how they can protect that data.
One way to help alleviate these issues is to make sure the right tools are in place to ensure proper visibility and the ability to take action, when needed. This requires a solution that provides a fully automated, data-aware platform that achieves all the objectives a business has at the data level: risk reduction, compliance and privacy from a single platform.
Make raw data accessible and consumable
When all database activity is captured in a single platform, it provides needed visibility into data from all on-premises and cloud sources. Business stakeholders can then get role-based self-service access to the all-in-one platform and use ready-made, enriched reports and dashboards on a powerful user interface to detect suspicious activity. Security teams get the data they need to integrate with their tool of choice (SIEM, BI, UEBA, etc.) to help optimise SOC performance. Affording this level of access to contextually rich information takes out the middleman and makes it possible for people to innovate and directly add value to a database security strategy.
Automate security processes
Organisations must automate processes to enable stakeholders to orchestrate and socialise what they learn.
Having all multi-source data in a single platform enables the automation of cumbersome manual processes and eliminates lengthy interchanges between teams and tools. Event-level workflow automation transforms manual routing and review processes into fully automated, customised workflows that improve response times and overall communication among stakeholders. This automation links data with decision processes to accelerate communication between teams and make it easier to recommend remediation actions.
Using AI algorithms can also help to track and evaluate large volumes of historical activity data and enable users to quickly isolate unusual activities such as account abuse, code injection and insider threat. Users can also take preventive measures to avert security events by conducting fine-grained inspection of large volumes of historical data activity to rapidly detect potential security threats such as unauthorised malicious code or privileged users attempting to stockpile sensitive data.
Stop treating data security as an afterthought
It’s clear the cloud provides benefits to every industry, and for organisations of all sizes. But, with innovation comes risk. Without the proper controls in place, cloud solutions can expose sensitive data to opportunistic hackers.
Organisations need to invest in a data security strategy where the focus is on securing the data itself, not just the endpoints connected to the database. Moving too quickly without addressing critical data security vulnerabilities will continue to put sensitive data at risk. Ultimately, if hackers get hold of the data, it can have a long-lasting impact on the business, not only financially but also reputationally. In fact, since April 2020, the smallest fine the Information Commissioner's Office (ICO) has imposed for a data breach has been £1.25 million.
While many leaders worry that taking time to secure data might slow down their innovation projects, that mindset is indefensible. The number of breaches is escalating, and the answer isn’t to throw more point solutions at the issue. Instead, make data security a centerpiece of the enterprise security strategy.
Chris Waynforth is Area Vice President at Imperva.