How to protect your cloud services from attacks
Moving to the cloud can increase efficiencies and reduce costs, but it comes with its share of security risks.
This is according to Symantec country manager for South Africa Jon Hamlet.
Speaking during a panel discussion at the 2018 MyBroadband Cloud Conference in Midrand this week, Hamlet explained that new approaches to security are required when moving to the cloud.
Hamlet added that the security of local cloud systems is dependant on them effectively responding to threats.
“Information security and cloud security are not necessarily limited to cloud technology, it is a paradigm of detecting and responding to threats,” he said.
An increasing number of businesses are moving to the cloud, and their security systems must evolve with them if they aim to remain secure.
“Traditional security stacks for these businesses no longer tend to apply, and they need to change their architecture and mindset towards security.”
“One of the most prevalent things we have seen with increased cloud adoption is the increasing prevalence of access control policies,” said Hamlet.
Access controls in South Africa
Hamlet said the flexibility and accessibility of a cloud environment can become a vulnerability if weak access controls are implemented.
This can result in a common type of attack where hackers sit between the customer and company, and redirect any fund transfers to their own bank account.
“The reason these attacks are incurring is a lack of visibility and limited multi-factor authentication implementations,” said Hamlet.
“It is caused by compromised credentials, and it turns the advantage of the cloud’s accessibility into a major threat.”
Proper access control and content or information control is key for the security of a cloud environment, added Hamlet.
While these types of attacks remain common around the world, Hamlet is confident South Africans are becoming more cautious with their online data and credentials.
“With the rapid uptake of cloud environments in South Africa, we have seen the need for more visibility, especially with smaller organisations moving fully into the cloud.”
“South Africans are becoming more aware that their online identity is precious, and are still undergoing a sharp learning curve with regards to security,” he said.
Loading ...