In order to protect your cloud environment, it’s important to know the kinds of threats your cloud will face. Some attacks are old and familiar, just transferred to the new environment; others take advantage of vulnerabilities introduced by the cloud’s shared infrastructure.
Attacks Through Cloud Configurations and Cloud Dashboards
Cloud configurations control how your infrastructure behaves and who has access to it. Misconfigurations can make dashboards, data, and other resources intended to be private publicly accessible; default settings don’t always provide security. Stolen credentials to a privileged account can give a hacker broad access to your cloud resources.
Attacks Through Shared Servers
Your server in the cloud is a virtual machine (VM). Unless you’ve arranged a private instance, your VM shares the underlying physical server with VMs belonging to other cloud customers. Vulnerabilities in VM software make it conceivable that a malicious VM can access data used by other VMs on the shared host. In addition, if your VMs communicate, an attack that compromises one VM can spread to others, as well.
Attacks Through APIs
Much of the functionality of any cloud environment is accessed through APIs. Without the proper security controls, an unauthorized user can call an API and access data and services they shouldn’t have access to.
Distributed Denial of Service Attacks
The same DDoS attacks outside the cloud, but now targeted at cloud-based systems. Besides hitting your servers, DDoS attacks in the cloud can hit your pocketbook, because you pay for the CPU and other services they use.
No matter where you locate your information technology, it’s always vulnerable to misuse by disgruntled employees. Strong identity and access management is vital in the cloud.
Protecting Against Attacks on the Cloud
With such a wide variety of attacks on the cloud, you need to develop a cloud security strategy that uses multiple tools to provide protection. Use tools from your cloud provider to identify best practices and ensure they’re applied in your cloud. Tools such as Palo Alto Networks Security Lifecycle Review find additional vulnerabilities, and VAST View—built on CloudHealth—can help you ensure policies are applied consistently across all your cloud resources. A cloud access security broker, such as BitGlass, helps control usage of data in the cloud.
Develop a comprehensive approach to protecting your resources in the cloud with support from VAST IT Services. Contact us to learn more about the tools and technologies that can keep your cloud environment safe.