By Joseph Carson, Chief Security Scientist & Advisory CISO, Delinea
The cloud has become a necessity for modern businesses. More and more organizations are seeing the value of the cloud and taking the leap, but that doesn’t mean they’re prepared for the challenges that come with it, including new cybersecurity considerations.
According to the Cloud Security Alliance’s 2021 report, “State of Cloud Security Concerns, Challenges and Incidents,” almost half of those surveyed were uncertain if they had a cloud security incident in the previous year.
Many organizations have attempted to protect their cloud environments with existing security solutions and have failed to adopt native cloud security solutions.
Organizations understand that cloud security is important, but they’re not always sure how to protect themselves or address the growing threat. Worse yet, they may not even realize a breach has occurred.
Education and Awareness
Employees are a key consideration for protecting your organization from cyber threats and crime. Cyber awareness and resilience should be a top priority and part of the organization’s culture, which puts employees in a position of strength. They should be taught to identify suspicious activities, report potential threats and never be afraid to ask for help.
This can be accomplished in a number of ways, including:
- Teaching online vigilance and safety
- Teaching how to identify suspicious applications
- Reporting suspicious emails with links or attachments from unknown sources
- Limiting activities that take place on insecure Wi-Fi networks
Empowering employees strengthens their cyber knowledge and increases their ability to report potential incidents earlier. If employees know how to identify breaches or suspicious behavior, they can be a key part of preventing a problem. Employees also learn how to protect themselves and their personal data outside of the workplace.
This needs to be a top-down strategy. Managers and leaders are accountable for the adoption and consistency of cyber security protocols. They are responsible for training employees to perform their jobs safely and assess risks, as well as for being cyber ambassadors and mentors when employees need to report something.
Implement and Enforce Mobile App Security
Mobile apps can be a big source of risk and exposure to security breaches. Apps may seem simple and harmless, but the wrong app can introduce risks that expose sensitive data to malicious attackers. This information should always be protected, no matter where it appears.
Developers often include options to help design applications with security, but at the end of the day, it’s up to the user to protect themselves.
These risks may include:
- Using inappropriate authentication and authorization checks that malicious actors can exploit
- Leaking data that could be discovered by malicious applications
- Using weak encryption methods
- Transmitting sensitive data without encryption
- Vulnerable APIs that expose sensitive data
Mobile app security can be enhanced by:
- Using certificate pinning to mitigate intermediary attacks on unsecured networks
- Reducing the amount of sensitive information that’s stored in the app
- Allowing only the necessary permissions for an app’s function
- Implementing data security policies and guidelines for mobile app use
- Enforcing session logouts after use
- Avoiding saved passwords or reused passwords on apps
- Using multi-factor authentication (MFA) to create more of a barrier for users with weak or outdated passwords
- Continually assessing the risks of mobile apps and monitoring for security updates
Analyze Logs for Suspicious Activity
Security logs can be valuable for identifying suspicious or unusual activities. These logs should be reviewed and analyzed regularly to find odd behaviors, such as logins that occur after normal business hours.
This not only helps your organization identify possible criminal activities, but can also be used for forensic purposes to trace a breach if it occurs.
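The after-hours login review described above can be automated. The following is an added example, not code from the article: the log format, the 08:00-18:00 Monday-to-Friday office hours and the fixed UTC+2 office offset are all assumptions, and the log lines are constructed.

```python
import re
from datetime import datetime, time, timedelta, timezone

# Assumptions (not from the article): office hours are 08:00-18:00 Mon-Fri,
# judged in a fixed UTC+2 office timezone; the log format is hypothetical.
OFFICE_TZ = timezone(timedelta(hours=2))
OPEN, CLOSE = time(8, 0), time(18, 0)
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<result>LOGIN_OK|LOGIN_FAIL) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample input: timestamps are ISO 8601 with a UTC offset.
SAMPLE_LOG = """\
2024-03-04T07:15:02+00:00 LOGIN_OK user=alice src=10.0.4.17
2024-03-04T21:47:40+00:00 LOGIN_OK user=svc-backup src=10.0.9.3
2024-03-05T01:12:09+00:00 LOGIN_FAIL user=bob src=203.0.113.50
2024-03-05T01:12:31+00:00 LOGIN_OK user=bob src=203.0.113.50
2024-03-09T10:05:00+00:00 LOGIN_OK user=carol src=10.0.4.22
2024-03-06T09:00:00 LOGIN_OK user=dave src=10.0.4.30
garbage line that does not parse
"""

def after_hours_logins(log_text):
    """Return (findings, unparsed) for successful logins outside office hours."""
    findings, unparsed = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        try:
            stamp = datetime.fromisoformat(m["ts"]) if m else None
        except ValueError:
            stamp = None
        # Lines that do not parse, or that carry no UTC offset, are kept for
        # manual review instead of being silently dropped or guessed at.
        if stamp is None or stamp.tzinfo is None:
            unparsed.append(line)
            continue
        if m["result"] != "LOGIN_OK":
            continue
        local = stamp.astimezone(OFFICE_TZ)  # judge the hour in office time
        weekend = local.weekday() >= 5
        if weekend or not (OPEN <= local.time() < CLOSE):
            reason = "weekend" if weekend else "after-hours"
            findings.append((local.isoformat(), m["user"], m["src"], reason))
    return findings, unparsed

if __name__ == "__main__":
    for finding in after_hours_logins(SAMPLE_LOG)[0]:
        print(finding)
```

The first sample line shows why the conversion matters: 07:15 UTC looks early, but it is 09:15 in the assumed office timezone and is not flagged.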
Keep Systems Patched and Current
Patches are necessary to fix bugs, improve features, and keep an app functioning as it should. All systems and applications will need regular patches, and they’re an important part of preventing criminal activities.
A patch can identify any gaps or vulnerabilities that could allow a malicious attacker to launch an attack. While this isn’t enough to prevent cyber crime on its own, it can make it more challenging.
Use Strong Passwords and Protect Privileged Accounts
Rigorous password protection is vital to cyber security. Employees should be trained to use strong passwords such as passphrases.
A passphrase is a sequence of words or other text used to authenticate a user or secure a cryptographic key. It is similar to a password, but usually longer and more complex, and it can be made up of words, phrases, numbers, and symbols.
Passphrases are often used to protect sensitive data or resources such as online accounts, encrypted files, or digital wallets. They are considered more secure than traditional passwords because they are longer and more difficult to guess or crack using brute force attacks.
Worse yet, employees often reuse passwords on multiple accounts, creating a bigger risk. If this is the case, implement an enterprise password manager to secure credentials across your organization. Help employees move passwords into the background with a solution that can automatically generate strong, complex, unique passwords for each account and rotate them on a frequent schedule.
The same is true for privileged accounts. An employee with privileged access can be exploited to provide access to the whole network. Just one compromised account gives a malicious hacker the advantage they need, and it could happen from something as simple as clicking the wrong link.
You should always identify and vault privileged accounts, and limit administrator rights where they’re not necessary by implementing strategies such as the principle of least privilege. Every account needs multi-factor authentication to protect against weak or outdated passwords as well.
Don’t Allow Installation of Unapproved or Untrusted Applications
Privileged access is vulnerable in a number of ways, including allowing employees to install and execute applications without authorization or without verifying the application’s reputation. Depending on its source, this can provide an ingress point for attackers to install ransomware and infect the system, or to install hidden backdoors to gain access at a later date and launch an attack.
The best way to protect against this risk is with privileged access management. With this security measure, employees have only as much privilege as they need, and only for the length of time they need it to complete a task. Then, if an employee makes an error that could leave the network vulnerable, such as reading an email and clicking on a suspicious link, and a malicious hacker gets in, they are limited in how much damage they can do.
Malicious hackers count on predictability and routine. If they know when scans and patches are run, what users have access to, and when routine tasks take place, it gives them an edge.
Always be deceptive and unpredictable in your behaviors. Take an as-needed approach to assessments and updates to limit their opportunities to attack and make it more difficult to hide in your system and await the best moment to strike.
Fight Cyber Crime in Your Organization
Cyber crime is everywhere and growing. As cloud adoption increases, organizations are facing greater risk from malicious actors seeking sensitive data. Taking a proactive approach to cyber security puts you in a strong position to defend against cyber threats, and if one occurs, mitigate its effects.
About the Author
Joseph Carson is a cybersecurity professional with more than 25 years’ experience in enterprise security and infrastructure. Currently, Carson is the Chief Security Scientist & Advisory CISO at Delinea. He is an active member of the cybersecurity community and a Certified Information Systems Security Professional (CISSP). Carson is also a cybersecurity adviser to several governments, critical infrastructure organizations, and financial and transportation industries, and speaks at conferences globally.