Who is responsible for IT security in cloud computing? Many companies still do not seem to be sufficiently aware.
One of the two areas that need to be protected is the cloud itself, and the provider is responsible for protecting it. On the other hand, it is the stored data and the applications that have been set up in a company for which cloud security is relevant. Their protection – and this is where the misunderstanding often lies – is the company’s responsibility, not the provider. Shared responsibility often describes the relationship between the two parties involved, but many cloud projects still fail because of this idea.
Cloud Infrastructure: Concept Of Shared Responsibility
Every company that seriously wants to go along with the digital change and introduces a cloud environment has to be aware of shared responsibility. If this does not happen, or if it does not happen enough, it can have enormously damaging effects on the company and its customers: The IT incident at the US financial services provider Capital One made headlines around the world at the end of July. News magazines and specialist portals reported the successful attack by a hacker who stole sensitive data from 100 million customers in the USA and six million customers in Canada and disclosed it on the Internet.
Capital One stored the data sets in the Amazon Web Services Cloud. They were stolen from there, and the perpetrator used to work for the cloud provider. So it’s easy to connect and pinpoint a culprit, but the facts prove otherwise: The AWS Cloud’s protections were completely intact. Instead, the hacker took advantage of a misconfiguration of the firewall that Capital One operated to protect the data in the cloud.
Cloud Security: Data Offered In The Dark Web
A similar case is now shaking the industry in Asia: The airline Malindo Air reported on September 19 that it was investigating an incident that affected its passengers and those of the Thai Lion Air airline. According to the South China Morning Post, the phone numbers, addresses, and sensitive ID card details of 30 million passengers were stolen and posted on an online forum. For this purpose, the data records were loaded into a freely accessible AWS bucket, and some were even offered on the dark web. The latter is particularly treacherous because the data had previously been stolen from the Malindo Air servers operated via AWS. The attack took place via an unnamed third-party provider, not via the AWS Cloud itself.
These incidents call for caution when dealing with cloud environments. They are the future of the digital market, but the data and applications parked there must be protected by cloud security. Data in cloud services are only as secure as the configuration of the security measures surrounding them. Organizations can easily activate hundreds, thousands, or even millions of AWS S3 buckets – or similar cloud data stores from competing platforms. However, because of the resulting complexity, it is essential for companies to constantly check and correct incorrect configurations of their IT infrastructure – especially since cloud services occasionally change their settings and make adjustments necessary. This is done by hand but is a very time-consuming process. Automated cyber security solutions are the better choice here, especially since they help avoid the usual human carelessness errors when configuring the security mechanisms.
