GoldenGolden
Advanced Search
Cloud computing security

Cloud computing security

Security of cloud computing products and services

Overview

Cloud computing security is a subsection of cybersecurity, and as a subsection carries a lot of the same concerns and protocols as other cybersecurity measures but with a focus on cloud computing environments, be they public, private, or hybrid cloud environments. This includes the protection of data, applications, and infrastructure involved in cloud computing. The methods of providing cloud security include firewalls, penetration testing, obfuscation, tokenization, virtual private networks, and avoiding public internet connections.

Cloud computing security also covers types of cloud-based services and on-demand solutions, including Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service. In these systems, the cloud vendor is responsible for securing the underlying infrastructure with a cloud security system. On the user or client side of cloud computing security systems, the vulnerabilities of a security system include social engineering and malware, but also include data breaches, data loss, account hijacking, service traffic hijacking, insecure APIs, and shared technology.

Cloud computing security products

Security Technology

Cloud computing often offers greater security than the use of local services. This is because the service providers tend to have stronger security measures, including physical security measures, and employ security experts to keep the data secured. And cloud security service providers have to follow certain regulatory requirements for storing sensitive data.

The security systems require network protections as well to protect against attacks. One part of this is microsegmentation, which creates zones to isolate workloads from each other and secure them individually and creates roadblocks to would-be attackers to move laterally from infested hosts. The other part applies to inline flow of traffic. This cloud security solution should allow authorized users to securely access cloud-based data while providing threat visibility into what activities they are performing.

Key technologies

Cloud network security companies

Identity access management companies

Data compliance for cloud security companies

User side responsibility

Cloud security has a lot to do with access. Based on the nature of the environment, the traditional controls use a perimeter security model. In cloud environments, perimeter defenses are easier to bypass, through insecure APIs, weak identity and credentials management, account hijacks, and malicious insiders.

But, despite this, some sources suggest close to 95 percent of cloud security failures are the fault of the user, with misconfiguration and mismanagement being the leading issues. These are often caused by misconceptions and assumptions, where users may assume the cloud service provider is in charge of securing the cloud environment in a situation where the provider is in charge of protecting the physical data centers and the user maintains responsibility for protecting virtual machines and applications. A lot of breaches in cloud computing occur in opportunistic attacks on data left open by errors in how the cloud environment was configured. And multi-cloud environments in enterprises can create a misconfiguration problem where there is a lack of awareness of all the cloud services in use.

Cloud security companies

Timeline

February 24, 2021
CrowdStrike, a cloud-delivered endpoint and workload protection company, today announced expanded Cloud Security Posture Management (CSPM).
February 24, 2021
Check Point expands its unified Cloud Security Platform to deliver next-generation cloud-native application security and API protection
February 17, 2021
vArmour, a multi-cloud security startup, raises $58 million en route to IPO.

People

Further reading

Documentaries, videos and podcasts

Companies

References

Golden logo
Text is available under the Creative Commons Attribution-ShareAlike 4.0; additional terms apply. By using this site, you agree to our Terms & Conditions.