Common Questions and Security Issues in Cloud Computing
Automated solutions that live ‘in the cloud’ are utilized every day to improve processes, increase communication, enhance transparency and more. Without cloud computing, many automated processes used in human resources (HR), manufacturing, accounting, customer care and other sectors would be extremely limited in capability and security, or might not even exist today.
This guide will address what cloud computing is, the pros and cons, cloud security risks, industry examples and more.
What is Cloud Computing? What are the Different Kinds of Cloud Computing? What are the Security Issues in Cloud Computing? Cloud Computing Service Examples What is Microsoft Azure? Microsoft Cloud App Security Microsoft Azure Security Response in the Cloud
Cloud Computing and Security
In this section we will go over what cloud computing is, what it can be used for, the different types of available services as well as the pros and cons.
What is cloud computing?
Cloud computing is essential in the delivery of automated services, integrating servers, networking, databases, software and analytics—and it is all accomplished over the internet, within ‘the cloud’. These resources are available on a pay-for-use distribution. Purchasing cloud technologies will typically offer these benefits:
- Lowering the overall cost of operations
- Managing infrastructure more efficiently
- Scaling technology quickly and easily as requirements change over time
What can cloud computing be used for?
Cloud computing supports the technological revolution that is currently happening in the marketplace. Online services we use every day—include the streaming of videos, listening to music, sending emails, playing games and storing data—are likely all being supported by the cloud. This revolution makes it easier to:
- Develop, create and sell new apps and services
- Reduce application development cost and time
- Evaluate data
- Protect data with storing, backing up and recovery deterrents
- Provide easier access to audiences with video and audio
- Integrate with Artificial Intelligence (AI) software
- Distribute software immediately
What are the different types of cloud computing?
There are three types of “… as a Service” technologies.
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
Software as a Service (SaaS)
Automated solutions supported by SaaS are typically an on-demand, subscription-based program. It is hosted and managed by third-party owners—’in the cloud’—who oversee the management and administration of infrastructure, maintenance, updates, security patches and any troubleshooting issues. End users of the product connect to the application via PC, tablet or phone within a web browser online, or with cellular data.
The service can scale immediately to usage as requirements change and data is stored securely in the cloud.
Platform as a Service (PaaS)
Cloud computing by PaaS provides an on-demand atmosphere for development, testing, delivery and management of automated applications. This route of servicing is preferred by end user developers who want to quickly create web or mobile apps without worrying about the costs and intricacies of managing backend hardware, servers, storage, networks, databases and more.
Infrastructure as a Service (IaaS)
Cloud computing by IaaS is a service that allows businesses to rent their server networking, storage, operating systems and more. This allows businesses to not have to invest or manage their money and time in their own hardware while providing them with a scalable infrastructure to support any updates.
All three of these cloud computing services are considered stackable. This means that automated solutions supported from each category of service can be combined with one another. It allows end users to scale their technology easily as their requirements adjust over time.
For example, a business learns they have a need for Human Resource (HR) automated solutions, but their existing Enterprise Relationship Planning (ERP) system—supported by a PaaS—is missing the capabilities. In response, they can easily integrate their current system, to add cloud-based modules in benefits management, onboarding, performance, payroll, time management and more supported by a SaaS integration.
What are the security issues in cloud computing?
Basically, the infrastructure supporting a cloud environment is only as secure as those who manage it make it to be. With businesses looking to automate processes that transfer data of personally identifying, financial or healthcare information, it’s important that all internal and external stakeholders are within alignment on how to keep data safe and away from bad actors. This will take the work of DevOps, operations teams, I.T. and more to ensure security controls are maximized.
To evade cloud computing risks and to avert security threats, there should be layers of security built-in at every level of the technology. Cloud-managed service providers, skilled specialists and more should all be involved in monitoring hardware, data centers and operating systems used.
Common security issues in cloud computing
Most cloud computing security risks are related to data security. The below lists from McAfee contain common SaaS and IaaS security issues.
Top SaaS security risks
- Lack of visibility into what data is within cloud applications
- Theft of data from a cloud application by malicious actor
- Incomplete control over who can access sensitive data
- Inability to monitor data in transit to and from cloud applications
- Cloud applications being provisioned outside of IT visibility (e.g., shadow IT)
- Lack of staff with the skills to manage security for cloud applications
- Inability to prevent malicious insider theft or misuse of data
- Advanced threats and attacks against the cloud application provider
- Inability to assess the security of the cloud application provider’s operations
- Inability to maintain regulatory compliance
Top IaaS security risks
- Cloud workloads and accounts being created outside of IT visibility (e.g., shadow IT)
- Incomplete control over who can access sensitive data
- Theft of data hosted in cloud infrastructure by malicious actor
- Lack of staff with the skills to secure cloud infrastructure
- Lack of visibility into what data is in the cloud
- Inability to prevent malicious insider theft or misuse of data
- Lack of consistent security controls over multi-cloud and on-premises environments
- Advanced threats and attacks against cloud infrastructure
- Inability to monitor cloud workload systems and applications for vulnerabilities
- Lateral spread of an attack from one cloud workload to another
Cloud computing for modern business
There are many factors for businesses to consider when they get ready to merge or enhance their processes and data with cloud computing solutions. As they begin addressing exclusive needs to improve operations, companies need to consider security, performance, government compliance, data housing, architecture complexity, layers, services of support, skills and more.
Advantages of cloud computing
- Renting software gives business flexibility to pivot or scale when requirements demand it
- Software updates with SaaS are implemented immediately
- The reduction in need of data centers, servers, software and staff drastically cuts costs without impacting technological needs
- Software is at 99.99 percent availability if workers have an internet connection
- Data become mobile and easily digestible
- Reporting becomes more enhanced for collaboration
- The environment takes less of a hit with the cloud
Disadvantages of cloud computing
- Internet downtime. It affects everyone here and there, and without an internet connection the cloud’s services do not work
- Security and privacy infrastructure is not developed securely enough
- Cloud computing is housed online, so each component can be at risk to malware, adware, phishing, trojan attacks and more if not properly secured
- End users have limited control and flexibility of the products they are renting
- Mitigating different, third-party systems, platforms, applications and modules doesn’t always work
- Pay-as-you go cloud solutions could end up costing businesses more money than anticipated if they don’t properly vet their needs
Cloud computing service examples
The following examples are popular cloud computing service examples that are used by hundreds of millions of people every year.
Amazon EC2—virtual I.T.
Amazon Elastic Compute Cloud (Amazon EC2) is a virtual I.T. solution that provides scalable computing capacity in Amazon Web Services (AWS). Launch as few or as many virtual servers as needed, allowing companies to configure security, networking and storage management easier. It also allows for faster development and deployment of applications.
Google App Engine—application hosting
Google App Engine allows businesses to develop and deploy applications on a scale seamlessly without having to manage the underlying infrastructure. With Google managing the infrastructure and deployments of updates to product and security, it allows developers to solely focus on developing great applications without worrying about management overhead.
Apple iCloud—network storage
Apple iCloud is a cloud computing network storage solution that securely stores documents, photos, videos, music, applications and more—while keeping them updated across all devices. It’s enhanced sharing features make it easy for users to stay connected.
DigitalOcean makes it easy for businesses to launch into the cloud and scale as requirements grow. Their deployment practices are optimized to run and scale distributed applications, artificial intelligence (AI) and machine learning workloads, client websites, hosted services or CI/CD environments.
Microsoft Office Online—SaaS
Office Online (formerly Office Web Apps) is a suite of applications that allow immediate access with an internet connection and a web browser. It allows users access to Word, Excel, OneNote, and PowerPoint. It allows for easy sharing of documents possible, from almost any device.
What is Microsoft Azure?
Microsoft Azure is a public cloud computing service. It offers solutions in storage, networking, analytics and intelligence, virtual computing and more to businesses of all sizes, small or large, old and new. The solutions they provide can be integrated within IaaS, PaaS and SaaS infrastructures and can be used to replace, or supplement on-premise networks. Azure helps companies eliminate the need for such energy and resources, thus, saving them thousands to millions of dollars per year.
What is Microsoft Azure used for?
Microsoft Azure is a fast, flexible and affordable platform that offers an array of capabilities for businesses looking for a technological edge. With Azure, companies can:
- Ensure data is protected with an enhanced disaster recovery process
- Create web and mobile applications on-premise
- Administer and support Active Directory
- Innovate with industry applications, modules, systems, platforms, workflows and more
Microsoft Azure Cloud Security
Microsoft Azure helps businesses reduce the costs and complexity of managing their network infrastructures. With multi-layered, built-in security controls—paired with threat intelligence—these companies can rest easy knowing their data is being protected by one of the most secure platforms on the planet.
It all starts with a secure foundation
The multi-layer security is beneficial to businesses who are looking to integrate physical data centers, infrastructure and operations in Azure. They will be able to rely on a cloud built with customized hardware, security controls and more to protect against threats including trojans, DDoS, malware, phishing, virus bots, etc. Companies are also protected by a team of 3500 cybersecurity experts available 24/7 if any issues arise.
Built-in Controls simplify security
Azure protects workloads for businesses with security controls and services in identity, networking, data and applications. It offers protection to those utilizing hybrid development environments, who need to integrate with other partner solutions within Azure.
Microsoft Azure offers security best practice courses in:
- How to manage identity and control access
- How to secure your network
- How to safeguard data
- How to centralize visibility and prevent attacks
- Certificate management
Expose risks before they happen with unique intelligence
New threats are identified quicker in real-time with security solutions in global cybersecurity intelligence distributed at cloud scale. By using machine learning, behavioral analytics and business intelligence tools, Azure helps companies develop actionable insights by analyzing:
- Over 18 billion Bing web pages
- 400 billion emails
- 1 billion windows device updates
- 450 billion monthly authentications
The insights found by intelligence applications help businesses detect threats faster.
Microsoft Cloud App Security
The Microsoft Cloud App Security is a multimode Cloud Access Security Broker (CASB). It provides businesses enhanced visibility, data travel control and sophisticated analytics help to find and destroy cyberthreats across all cloud services covered.
The CASB is designed to improve processes administered by security professionals. It provides simple deployment, offers centralized management and features innovative automation capabilities. The cloud computing security app helps cybersecurity professionals by:
- Monitoring and control via conditional access and a reverse proxy
- Centralizing automated security alerts within an ecosystem of over 200 integrations
- Exposing shadow IT threats beyond corporate network with single-click enablement
- Providing unified protection across endpoints, apps, cloud services and on-premises data
- Assessing and providing security recommendations for IaaS and PaaS environments
- Defining access by granular structures with powerful MDM controls for non-compliant devices
- Analyzing overall security based on settings input in Microsoft 365
- Producing insights from billions of datasets that help to enable faster product updates to detect threats
Microsoft Azure security response in the cloud
Microsoft follows a 5-step incident response process when security and availability of Azure services are interrupted. Those five steps are:
- Detect—event investigation has been triggered
- Assess—a team member on-call will assess the impact and severity of the event. Based on the seriousness of the event, further escalation may or may not happen at this point
- Diagnose—a technical or forensic investigation is conducted to identify containment, mitigation and workaround strategies. If customer data has become exposed to bad actors, a parallel Customer Incident Notification process begins
- Stabilize/Recover—response team creates a plan to mitigate issue. Crisis containment steps including quarantining impacted systems may occur immediately and in correlation with diagnoses.
- Close/Post-Mortem—after event is fixed, the incident team outlines the details of the incident and provides advice to policies, procedures and processes to prevent a reoccurrence from happening again
The security incident management program is one of the key reason’s customers using Microsoft Online Services sign up for their cloud computing and security offerings. The program was built by a team of dedicated cybersecurity experts and has evolved over many years.