Earlier this week, guests’ personal information at 10.6 million MGM Resort hotels was posted in a hacking forum following the data breach on a cloud server.
With this in mind, we’ll take a look at the steps you can take to avoid the damage of a public cloud attack and explain how Sophos can view and back up data in the public cloud.
Know your responsibility
The first step in backing up your public cloud data is to know what you’re responsible for.
Behind-the-scenes cloud providers such as AWS, Azure, and Google give customers more flexibility in building their cloud environments.
However, this flexibility does not provide complete protection for virtual networks, virtual machines, or data in the cloud. Instead, you are responsible for running a shared responsibility model, ensuring cloud security, and placing it in the cloud.
Items managed by public cloud providers, such as data center physical protection and virtual separation of customer data and environment.
There may be several basic firewall type rules that control access to your environment. However, if you leave the port open for the whole world, the problem occurs if the port cannot be configured correctly. So learn your responsibilities and act on it.
Whether you’re a large number of public cloud users or have just started, here are five important steps you need to take to minimize the risk of cloud-based attacks:
Step 1: Apply Local Security Learners
On-site safety is the result of decades of experience and research. If you want to protect your cloud-based servers from infections and data loss, consider what you’re already doing with your traditional infrastructure and adapt to the cloud.
Place a Web Application Firewall (WAF) on a cloud gateway to prevent threats from reaching cloud-based servers. You can also include IPS (compliance assistance) and outbound content controls to protect your server/VDI.
Sophos’ XG firewall protects your cloud and hybrid environment. You can also use preconfigured virtual machines in Azure and AWS to get you up and running quickly.
Server host protection
Like cloud-based servers, it provides effective cybersecurity protection on cloud-based servers.
Sophos Intercept X for Server protects AWS and Azure workloads from the latest threats. Take a look at the overview of this video to see what actually works.
Endpoint security and e-mail protection
If the network is in the cloud, r Laptops and other devices stay on the ground, and it takes phishing emails and spyware to steal user credentials for your cloud account. Keep your device endpoint and email up-to-date to prevent unauthorized access to your cloud account.
Step 2: Identify all cloud assets
If your data doesn’t appear in the public cloud, you can’t back it up. Therefore, one of the most important factors for the correct state of cloud security is to understand the exact visibility of the infrastructure and the way traffic flows within the infrastructure. This allows you to identify traffic behavior anomalies, such as data loss.
Step 3: Create a full inventory:
Create a complete inventory of the cloud, including server and database instances, storage services, databases, containers, and serverless features. Look not only for the number of assets, but also for weaknesses. Potential risk areas include:
Databases that Ports that are open to the public Internet and that attackers can access
Set cloud storage services for the public
Virtual disk and elastic search domain are set to public
Actively manage access to user roles, permissions, and role-based cloud services. The nature of personal and group access to services poses significant challenges and allows attackers to exploit this vulnerability.
Visualize all types of access, understand relationships with cloud services, identify access beyond permissions, and review policies accordingly. Because when a hacker receives these credentials, they can search for sensitive data through their cloud accounts.
Step 5: Active monitoring of network traffic
Look for signs of network traffic compromising as unusual traffic spikes and is an important indicator of data leakage.
The dynamic nature of the cloud means that traffic and resources change frequently, so people generally have difficulty tracking all these data points.
Instead, you can use AI to use these data sources to create images of “normal” traffic and immediately alert you to unusual and malicious behavior when activities occur outside of “normal.”
Sophos’ Cloud Optix makes it easy to see all your cloud databases and workloads. It is also possible to identify potential vulnerabilities in the architecture to avoid potential compromise points.
Start an instant dutyless online demo to watch Cloud Optix trade on your own.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.