Cloud computing security

Cloud computing security

Security of cloud computing products and services

Overview

Cloud computing security is a subsection of cybersecurity, and as a subsection carries a lot of the same concerns and protocols as other cybersecurity measures but with a focus on cloud computing environments, be they public, private, or hybrid cloud environments. This includes the protection of data, applications, and infrastructure involved in cloud computing. The methods of providing cloud security include firewalls, penetration testing, obfuscation, tokenization, virtual private networks, and avoiding public internet connections.

Cloud computing security also covers types of cloud-based services and on-demand solutions, including Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service. In these systems, the cloud vendor is responsible for securing the underlying infrastructure with a cloud security system. On the user or client side of cloud computing security systems, the vulnerabilities of a security system include social engineering and malware, but also include data breaches, data loss, account hijacking, service traffic hijacking, insecure APIs, and shared technology.

Cloud computing security products

Product
Description

Cloud access security brokers (CASB)

A category of cloud security solutions which monitor activity and enforce cloud access security policies.

Cloud workload protection platforms

Cloud workload protection technologies work with both cloud infrastructure and virtual machines, providing monitoring and threat prevention features.

Software-as-a-Service security

Multiple types of security technologies are delivered as a service from the cloud, can help secure both on-premises and cloud workloads. These solutions can include vulnerability scanning and management features.

Software-defined compute security

Sometimes referred to as cloud native security, these solutions work to protect containers running across cloud deployments.

Security Technology

Cloud computing often offers greater security than the use of local services. This is because the service providers tend to have stronger security measures, including physical security measures, and employ security experts to keep the data secured. And cloud security service providers have to follow certain regulatory requirements for storing sensitive data.

The security systems require network protections as well to protect against attacks. One part of this is microsegmentation, which creates zones to isolate workloads from each other and secure them individually and creates roadblocks to would-be attackers to move laterally from infested hosts. The other part applies to inline flow of traffic. This cloud security solution should allow authorized users to securely access cloud-based data while providing threat visibility into what activities they are performing.

Key technologies

Security method
Description

Encryption

This is a method of scrambling data so only authorized parties understand the information. This way, an attacker will find scrambled data without an encryption key. Data can be encrypted at rest, or in transit, to reduce the possibility of interception and reading of the data. In a multi-cloud or hybrid cloud, environments are connected at the network layer, and a VPN can be used to encrypt the traffic between these layers. If the services are connected at the application layer, SSL/TLS encryption is often used. The SSL/TLS can encrypt traffic between a user and a cloud.

Firewall

A cloud firewall provides a layer of protection around cloud assets by blocking malicious traffic. Unlike traditional firewalls, cloud firewalls are hosted in the cloud and form a virtual security barrier around cloud infrastructure.

Identity and access management

These are products which track who a user is and what they are allowed to do. They authorize users gaining access to internal assets and stopping authorized users exceeding their privileges. These services include the capabilities of identity provider which authenticates user identities; single sign-on services for authenticating user identities for multiple applications; multi-factor authentication to strengthen the user authentication process; and access control to allow and restrict user access.

Cloud network security companies

Identity access management companies

Data compliance for cloud security companies

User side responsibility

Cloud security has a lot to do with access. Based on the nature of the environment, the traditional controls use a perimeter security model. In cloud environments, perimeter defenses are easier to bypass, through insecure APIs, weak identity and credentials management, account hijacks, and malicious insiders.

But, despite this, some sources suggest close to 95 percent of cloud security failures are the fault of the user, with misconfiguration and mismanagement being the leading issues. These are often caused by misconceptions and assumptions, where users may assume the cloud service provider is in charge of securing the cloud environment in a situation where the provider is in charge of protecting the physical data centers and the user maintains responsibility for protecting virtual machines and applications. A lot of breaches in cloud computing occur in opportunistic attacks on data left open by errors in how the cloud environment was configured. And multi-cloud environments in enterprises can create a misconfiguration problem where there is a lack of awareness of all the cloud services in use.

Cloud security companies

Timeline

February 24, 2021
CrowdStrike, a cloud-delivered endpoint and workload protection company, today announced expanded Cloud Security Posture Management (CSPM).
February 24, 2021
Check Point expands its unified Cloud Security Platform to deliver next-generation cloud-native application security and API protection
February 17, 2021
vArmour, a multi-cloud security startup, raises $58 million en route to IPO.

People

Name
Role
LinkedIn

Further reading

Title
Author
Link
Type
Date

5 critical features for cloud security controls

Lior Cohen

Web

December 12, 2019

7 cloud security controls you should be using

Fahmida Y. Rashid and James A. Martin

Web

October 21, 2019

CloudID: Trustworthy cloud-based and cross-enterprise biometric identification

Mohammad Haghighat; Saman Zonouz, Mohamed Abdel-Mottaleb

Web

November 30, 2015

How Does Cloud Security Work? | Cloud Computing Security

Cloudflare

Web

The 4 essential pillars of cloud security -- GCN

John Davis

Web

July 21, 2020

Top Cloud Security Companies & Tools

Sean Michael Kerner

Web

January 29, 2020

What is Cloud Security

Check Point Software

Web

December 5, 2019

What is cloud security & how can you secure the cloud with PAM?

Web

What Is Cloud Security?

Jake Frankenfield

Web

August 25, 2020

Documentaries, videos and podcasts

Title
Date
Link

What is Cloud Security?

September 27, 2019

Companies

Company
CEO
Location
Products/Services

References

Golden logo
Text is available under the Creative Commons Attribution-ShareAlike 4.0; additional terms apply. By using this site, you agree to our Terms & Conditions.