Following on from the previous article we posted regarding cyber security trends, we thought we’d revisit the topic and continue with another set to keep an eye on. The world of cyber security is always evolving and there’s always too much for just one article on the subject.
As I’m sure you know by now, the ‘Cloud’ can refer to a variety of services and the magical nothing of data floating through the ether. The reality of the Cloud is less exciting, but has enabled a significant improvement in remote services and collaborative working, especially when combined with the hybrid ways of working which are now more commonplace. Indeed, there are nearly a million companies using Office 365 in the United States and the United Kingdom alone.
Cloud can be broadly broken down into applications and infrastructure, where applications such as Office 365 allow for transitioning between devices and collaborating concurrently with other users, while infrastructure like Amazon Web Services (AWS) relates to the ability to build and host applications without having to use servers you’re responsible for.
Both scenarios present their own challenges and require their own considerations. For applications, access and authorisation are some of the primary concerns, where resources should be closely guarded and managed. Microsoft’s various offerings are a useful example of this, where we have Azure Active Directory (Azure AD) to manage access to Cloud-based servers, and applications like SharePoint, which store content from your organisation.
These are relatively new environments when compared to the age and maturity of on-premises networks, and it can be a simple process for authorisation to be misconfigured. Fortunately, applications are generally shipping with the ability for role-based access control akin to a typical office network. Portals provide the ability to monitor and assign roles accordingly and should be thoroughly investigated whenever implementing a new application or service.
When it comes to infrastructure, the considerations turn to the security of the servers and the data stored on them. Commonly with AWS, for example, a full stack application will be built which encompasses the frontend web application and backend services such as authentication and databases. It’s important to ensure that backend services are correctly protected from external access, and Check Point’s data indicates that cloud security incidents are on the rise, with 27% citing misconfigurations as the main cause.
With hundreds of millions of smartphones sold last year, it’s no wonder that this is a big area of concern which shows no signs of slowing down. Where websites used to be accessible through the phone’s browser, they are being replaced by individual apps, which come with their own security concerns like API security and data storage.
This can become important for organisations where company applications are installed on personal devices. If another malicious application is installed, it could lead to compromise of the phone and access to data stored within the company app. Considering last year nearly half of companies asked in a study cited malware as the cause of a security incident, this is a thread which should not be ignored. It poses the question of whether to supply company devices to staff, although you may be in the minority, or mandate a mobile device management (MDM) solution.
If your organisation is one that develops their own apps, then it is important to ensure these applications are regularly tested for vulnerabilities. Fortunately, this style of testing is becoming more mature each day, with new frameworks and tools available for security professionals to conduct comprehensive assessments.
Speaking of mobile and API security, the new trend is for everything to be online, more colloquially known as the Internet of Things (IoT). A Cisco report listed an estimated 27.1 billion devices will be connected to the Internet at the end of 2021, which works out at more than 3 per person! That’s a lot of potentially unsecured devices, and there were nearly 1.6 billion attacks against IoT devices in the first half of 2021 according to Kaspersky.
IoT could affect you both personally and professionally, given the variety of devices which come under the IoT umbrella. Do you know what that smart fridge is really sending out to the Internet? Are you trusting your smart boiler to be secured to a good standard and not use a default password of ‘12345’? It’s never too late to check.
Fortunately, IoT is getting a decent amount of attention this year, with several reports being created to illustrate how best to secure these devices, as well as highlight the importance of doing so.
As mentioned in the previous article, do the basics correctly and you’ll put yourself in a good position to secure your networks, devices and organisation. Accurately map out all your network-connected devices, ensure the default passwords are changed and vendor patches are installed on a regular basis. In addition, keep up to date with the latest cyber security trends.
For your cloud environment, a lot of the same principles apply as for on-premises networks when it comes to access control. Make sure you’ve got a handle on who has access to what and review the controls regularly to ensure the access is still required. For applications hosted in the cloud, perform regular tests to make sure there aren’t any unsecured resources available for remote access and audit where your data is going to make sure it is only to expected destinations.
Finally, check whether those IoT devices you have need to be Internet-connected and, if so, make sure that all unnecessary services are correctly firewalled. If the default way of managing a device is via an insecure or unencrypted protocol, such as Telnet, check whether you can disable this and use an encrypted version. If this isn’t possible, is there another device which could replace it that takes security into account?
Above all else, don’t become complacent with your security. The hacking world progresses quickly, with new exploits released on a daily basis and new cyber trends every year. This means you also need to keep up with the cyber security trends, otherwise you’re going to be left behind and vulnerable.