5 Big Mistakes in Securing Cloud Application Data

    In today’s increasingly flexible work environment, many organizations implement and rely on cloud services like Salesforce®, Google Apps for Business™, Microsoft® Office 365™ and Box to streamline business functions, increase resource utilization and enhance corporate elasticity. Yet without proper data protection, enterprises run the risk of exposing sensitive, proprietary information.

    Cloud service providers (CSPs) and their customers share responsibility for security. While cloud service providers have seen improvements in securing their platforms and offering tools to help with security, customers find it difficult to keep up with all of the responsibilities related to securing their apps. Gartner predicts that through 2020, 95 percent of cloud security failures will be the customer’s fault.

    To avoid such failures, Ganesh Kirti, CTO of Palerra, has put together a list of the five most common mistakes that enterprises make and provides suggestions for keeping your cloud environment safe moving forward.

    5 Big Mistakes in Securing Cloud Application Data - slide 1

    Keeping Your Cloud Environment Safe

    Click through for the five most common mistakes that enterprises make, as well as suggestions for keeping cloud data safe, as identified by Ganesh Kirti, CTO of Palerra.

    5 Big Mistakes in Securing Cloud Application Data - slide 2

    Weak Expiration Policies

    Weak expiration policies for authenticated sessions (tokens and cookies)

    End users, employees, mobile devices and third-party applications all connect to your cloud applications. Whenever a user or a client program logs into a cloud application, they receive an authenticated session from the application. In many cases, those sessions are left open after the interaction is complete. A hacker who gains access to this session has essentially found the key to take over the user’s session and assume the identity of that user. This is a very dangerous attack that compromises all of your cloud data.

    To limit this exposure, you can create a strong policy to automatically end sessions for users and clients that are inactive for more than 30 minutes.

    5 Big Mistakes in Securing Cloud Application Data - slide 3

    Zombie Accounts

    Zombie accounts: Employees who are no longer with the company but still have access

    Companies use many SaaS applications to keep their critical business functions working. Typically, employees have individual accounts in each SaaS application. We often see companies continue to experience transactions in their SaaS applications from accounts of employees who left long ago. In general, these transactions originate from third-party applications that the ex-employees configured. These accounts can end up in the hands of hackers or malicious ex-employees, causing data leakage and non-compliance with internal and external regulations.

    Organizations need to create and follow a process to immediately de-provision unused (zombie) user accounts.

    5 Big Mistakes in Securing Cloud Application Data - slide 4

    Overly Privileged Accounts 

    Overly privileged accounts (users who have more privileges than they need)

    In general, administrative roles allow access to highly privileged data and actions. Only a limited number of trusted people should have these roles. Granting administrative roles to non-administrative (or the wrong) users can jeopardize the security of data, creating opportunities for data leakage and compliance violations due to separation of duties (SoD) concerns.

    You need to continuously monitor privileged users in your cloud applications and remove any privileges that are not required.

    5 Big Mistakes in Securing Cloud Application Data - slide 5

    Accidental Sharing of Sensitive Data

    By monitoring the usage of documents in various clouds (Google Drive, Box, and Office 365), Palerra has found that employees frequently share corporate documents outside the organization. They also share or send documents to private (non-corporate) email accounts. Some of these documents are available for anonymous download, with no security controls in place. Data shared outside the enterprise can present various risks, including data breach. 

    5 Big Mistakes in Securing Cloud Application Data - slide 6

    Anomalous User Behavior Threats

    Palerra has repeatedly detected suspicious user behavior patterns accessing data due to the following reasons:

    • malicious user activity due to over privileges granted to them
    • compromised user accounts gone undetected
    • users access cloud systems with multiple email IDs
    • users share account credentials with fellow employees
    • routinely sharing service accounts with multiple third-party applications

    Anomalous user behavior could be a sign of a data ex-filtration threat.

    To mitigate these threats, organizations need to discern suspicious user behavior from normal behavior to detect earliest signs of threats, and resolve them before data ex-filtration begins. Leverage user behavior analytics (UBA) tools to analyze insider and outsider access patterns to detect abnormal user behavior.

    Like other business services, you must manage and secure your cloud services using monitoring and security tools. With the right strategies, your cloud environment can be kept one step ahead of the hackers and malicious users.

    Latest Articles