Cloud computing is the delivery of computer system resources, including applications, virtual machines, containers, data storage and processing power over the internet. Cloud computing services are offered and managed by cloud service providers. Cloud service providers (CSPs) own and maintain the IT infrastructure, including computer and networking hardware and software, needed to deliver on-demand computing resources to their customers.
The concept of a "hosted service" or "hosted application" is central to cloud computing. Hosted services are IT infrastructure components (servers and virtual machines), applications (software, middleware, O/S), or functions that an organization accesses via an external service provider. Hosted applications are deployed on the servers of a cloud service provider and accessed by customers through the internet. Through a cloud service provider, IT organizations can outsource the management of every aspect of the technology stack, including networking, servers, storage, virtualization, operating systems, middleware, runtime, data and applications.
The increased adoption of cloud computing in enterprise IT environments has led to the development of new cloud computing architectures. Each architecture represents a different method of deploying cloud services and offers unique advantages and disadvantages. The three models in use today are public cloud, private cloud and hybrid cloud.
Public clouds are owned and operated by a cloud service provider. Amazon Web Services (AWS) is an example of a cloud service provider that offers public cloud services. Amazon owns all the IT infrastructure, including the hardware and software needed to deliver these cloud computing services. Customers can request services like server access and data storage, which is apportioned as needed.
Private clouds are owned and accessed exclusively by a single company. The infrastructure could have been built and implemented in-house or by a third party. But in any case, a private network that is not accessible to other parties maintains the services and infrastructure. Private clouds can help large organizations centralize IT infrastructure management without giving up control of that infrastructure to a third-party cloud service provider.
Hybrid cloud systems are ideal for organizations that must host some applications and data in a private cloud to maintain data security but still wish to benefit from the cost reductions associated with public cloud deployment for less sensitive applications. Hybrid cloud environments include a mix of on-premises, private cloud and public cloud applications and services with orchestration and communication between disparate platforms.
Cloud computing security is the technical discipline and set of processes used to secure an IT organization's cloud-based infrastructure. It includes the measures IT organizations take to secure that infrastructure against cyber attacks, data theft and other threats.
IT organizations and the cloud service providers they do business with share responsibility for implementing security controls to protect applications and data stored or deployed in the cloud. These security controls include a variety of measures for reducing, mitigating, or eliminating various types of risk. The creation of data recovery and business continuity plans, encrypting data, and controlling cloud access are all security controls.
While many types of cloud computing security controls exist, they generally fall into one of four categories.
Deterrent controls discourage nefarious actors from attacking a cloud system. These controls may act as a warning that an attack will be met with consequences. Insider attacks are a source of risk for cloud service providers, so an example of a deterrent control could be a cloud service provider conducting criminal background checks on employees.
Preventive controls make the cloud environment more resilient to attacks by eliminating vulnerabilities. A preventive control could be writing a piece of code that disables inactive ports to ensure that there are no available entry points for hackers. Maintaining a strong user authentication system is another way of reducing vulnerability to attack.
Detective controls identify and react to security threats and events. Intrusion detection software and network security monitoring tools are examples of detective controls. Their role is to monitor the network to determine when an attack could happen.
Corrective controls limit the damage caused by the incident. A developer might write a piece of code so that when a certain type of threat is detected, data servers are disconnected from the network to prevent data theft.
Each type of security control plays a role in maintaining the overall security posture of a system. A successful security operations team takes measures to deter a cyber attack, quickly detect attacks that occur, limit their impact and ultimately restore function and stability to the cloud environment.
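The detective and corrective controls described above can be chained: a detector reads authentication events and, once a threshold is crossed, a corrective step plans the isolation of the data servers. The following is an added example, not Sumo Logic code; the log format, the threshold, the server names and the `detach_from_network` action label are assumptions made for illustration, and the corrective step only returns a plan rather than calling any provider API.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth events, oldest first: "timestamp source_ip user result"
SAMPLE_LOG = """\
2024-05-01T10:00:00 198.51.100.7 alice FAIL
2024-05-01T10:00:05 198.51.100.7 alice FAIL
2024-05-01T10:00:09 203.0.113.20 bob OK
2024-05-01T10:00:12 198.51.100.7 admin FAIL
2024-05-01T10:00:20 198.51.100.7 admin FAIL
2024-05-01T10:00:31 198.51.100.7 root FAIL
2024-05-01T10:09:00 203.0.113.20 bob FAIL
"""

THRESHOLD = 5                    # failures treated as an attack (assumed policy)
WINDOW = timedelta(seconds=60)   # sliding window in which failures are counted


def detect(log_text):
    """Detective control: source IPs with >= THRESHOLD failures inside WINDOW."""
    recent = defaultdict(deque)  # ip -> timestamps of its recent failures
    flagged = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue             # skip malformed lines instead of crashing
        ts, ip, _user, result = parts
        if result != "FAIL":
            continue
        now = datetime.fromisoformat(ts)
        q = recent[ip]
        q.append(now)
        while now - q[0] > WINDOW:   # drop failures that left the window
            q.popleft()
        if len(q) >= THRESHOLD and ip not in flagged:
            flagged.append(ip)
    return flagged


def correct(flagged, data_servers):
    """Corrective control: plan isolation of every data server if anything fired."""
    if not flagged:
        return []
    return [{"server": s, "action": "detach_from_network", "reason": sorted(flagged)}
            for s in data_servers]


if __name__ == "__main__":
    print(correct(detect(SAMPLE_LOG), ["db-1", "db-2"]))
```

A single failed login from the second address does not trigger isolation; only the burst of five failures inside one minute does.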
Organizations will want to implement several different forms of cloud computing security. Below you'll find different types of security in cloud computing.
Network segmentation: in multi-tenant SaaS environments, you'll want to determine, assess, and isolate customer data from your own.
Access management and user-level privileges are an easy-to-implement form of cloud computing security. Access to cloud environments, applications, etc. should be issued by role and frequently audited.
Password control, as part of a basic cloud computing security protocol, combined with authentication tools to ensure the greatest level of security
Encryption to protect your data at rest and in transit
Vulnerability scans and management revolving around regular security audits and patching of any vulnerabilities
Disaster recovery plans and platforms for data backup, retention, and recovery
Security monitoring, logging and alerting: continuous monitoring across all environments and applications is necessary for cloud computing security.
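The access-management item above says access should be issued by role and frequently audited. The following added example, which is not part of the original article, shows what such an audit checks: permissions that exceed the role baseline, grants tied to a role that is not defined, and access that has gone unused. The role names, permission strings, user records and the 90-day idle limit are all constructed assumptions.

```python
from datetime import date, timedelta

# Constructed role baseline: the permissions each role is allowed to hold.
ROLES = {
    "developer": {"logs:read", "deploy:staging"},
    "dba": {"db:read", "db:write", "logs:read"},
}

# Constructed access grants as they exist in the environment today.
GRANTS = [
    {"user": "alice", "role": "developer",
     "perms": {"logs:read", "deploy:staging"}, "last_used": date(2024, 5, 28)},
    {"user": "bob", "role": "developer",
     "perms": {"logs:read", "db:write"}, "last_used": date(2024, 5, 30)},
    {"user": "carol", "role": "dba",
     "perms": {"db:read", "logs:read"}, "last_used": date(2024, 1, 15)},
    {"user": "dave", "role": "contractor",
     "perms": {"logs:read"}, "last_used": date(2024, 5, 29)},
]

MAX_IDLE = timedelta(days=90)  # assumed policy: unused access is revoked after 90 days


def audit(grants, roles, today):
    """Return {user: [findings]} for grants that break role-based access policy."""
    findings = {}
    for g in grants:
        issues = []
        allowed = roles.get(g["role"])
        if allowed is None:
            # A grant attached to an undefined role cannot be checked against a baseline.
            issues.append(f"unknown role {g['role']!r}")
        else:
            extra = sorted(g["perms"] - allowed)
            if extra:
                issues.append("outside role: " + ", ".join(extra))
        if today - g["last_used"] > MAX_IDLE:
            issues.append("idle for more than 90 days")
        if issues:
            findings[g["user"]] = issues
    return findings


if __name__ == "__main__":
    for user, issues in audit(GRANTS, ROLES, date(2024, 6, 1)).items():
        print(user, issues)
```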
As organizations deploy more applications to the cloud and depend more on cloud service providers, cloud computing security is a growing concern for IT organizations. The proliferation of cloud services introduced new security concerns and challenges that traditional network security techniques could not address. These core challenges drive innovation and technological adoption in cloud computing security today.
Data protection in cloud environments
Organizations that choose to host sensitive data with a cloud service provider are losing control of physical access to the server. This creates additional security vulnerabilities because the organization can no longer play a role in determining who has physical access to the servers. An employee of the cloud service provider could access the data illegally, modify or copy it, and even distribute it to others. To prevent insider attacks, cloud service providers should conduct detailed employee background checks and maintain strict and transparent access control to servers and IT infrastructure.
User authentication and access management for cloud security
Cloud services should be secured with a username and password. Still, there is always a risk that a nefarious actor could steal login credentials, gain unauthorized access to cloud services and steal or modify data. An attacker could also release malicious code into the system. Cloud service providers should implement a secure credentialing and access management system to protect customers from these attacks.
Lack of visibility of cloud services
One of the major challenges that IT organizations face in cloud computing security is a lack of visibility of applications and services deployed in cloud environments. A lack of visibility means that the IT organization cannot efficiently collect or aggregate information about the security status of applications and infrastructure deployed in the cloud. This can be due to having a high number of disparate systems working together or due to a lack of transparency between the business and cloud service provider.
Lack of control over cloud infrastructure security
In legacy IT systems deployed and managed on-premises, IT organizations maintain complete control over every piece of IT infrastructure in the entire technology stack. In contrast, when an organization outsources part of its IT infrastructure to a cloud service provider, it necessarily gives up some control of the deployment, management and configuration of the infrastructure. Consequently, IT organizations must increasingly rely on their cloud services vendors to make administrative decisions that enforce a high security standard.
Lack of transparency between business and cloud service provider
Transparency is a major issue for organizations that:
Vendors ultimately need to partner with trusted cloud service providers and/or cloud security solution providers with a track record of providing exceptional security and the resources to ensure data protection.
Sumo Logic's platform provides intelligent security analytics for your hybrid cloud environment. Leveraging machine learning and Big Data innovations to supercharge your threat detection and maintain compliance with mandatory privacy regulations, such as the European GDPR and PCI DSS, Sumo Logic enhances your forensic investigation and incident response capabilities.
Sumo Logic aggregates event logs from applications, network components, and IT infrastructure throughout your public, private or hybrid cloud environment. This data is collected into a single platform where it can be analyzed and correlated to identify potential security threats. Sumo Logic addresses and mitigates some of the most important challenges of cloud computing security, including helping IT organizations increase visibility and control of their cloud infrastructure and deployments.