Gartner estimates that public cloud revenue will grow 18.4% in 2021, reaching a total value of $304.9 billion. The COVID-19 pandemic accelerated business transition to the cloud, yet 85% of Chief Information Security Officers (CISOs) admit they’ve neglected cybersecurity in favor of quickly enabling remote working.
Today, cloud computing replaces legacy networks by providing increased connectivity, scalability, and efficiency. These traits are vital for a remote workforce, which made up almost half of American employees post-lockdown.
Enterprises choose Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS), and other solutions employees can use anywhere. While cloud resources are easy to access and integrate into everyday business operations, they face similar threats as traditional corporate perimeters.
“The cyberattack vectors in the cloud environment are the same as in traditional data centers. Software is used that contains vulnerabilities targeted by malicious users. Consumers are mutually responsible with a cloud service provider (CSP) for managing protection and should make appropriate investments in security infrastructure”, says Juta Gurinaviciute, the Chief Technology Officer at NordVPN Teams.
It presents a challenge for cybersecurity teams, as cloud connectivity reduces visibility and control. The CSP can be partially responsible for infrastructure and policies but varies depending on individual agreements and cloud models. Another weak spot is the connection, as users reach cloud assets via the internet instead of on-premise machines.
IP whitelisting – the first step towards a robust perimeter
A growing threat for enterprises is the inappropriate handling of application programming interfaces (APIs). A typical organization uses 363 of them. They help external developers and contractors reach software platforms, and 61% of enterprises adjust their strategies according to API integration.
However, developers often leave an API without strict authentication controls, exposing cloud resources to outside threats. As they open up to the internet, cybercriminals can breach the system and compromise the backend.
Therefore, access management is critical for cloud security. A traditional connection to the cloud is insufficient when employees operate remotely, so many companies opt for IP address management and secure virtual private network (VPN) connections. Yet, the solution known as IP whitelisting demands additional security checks.
“System admins create a list of IP addresses able to access cloud resources, but individual device management is tedious, given that device IP addresses continually change. Business VPNs come with a dedicated server option to ensure uniformity with one stable IP address. Remote users can log into clouds as if they were connecting from corporate premises,” says Gurinaviciute.
IP whitelisting is only a first step in ensuring coherent and robust digital protection. The goal of authentication is to identify the user, not the machine. Otherwise, upon gaining control of a device, cybercriminals may infiltrate the cloud further. It reduces the surface area for attack but with limited capability to fully protect the cloud.
IT teams should further segment the users with access to different assets on the cloud. Marketers, developers, accountants, and business contractors need additional resources to have only limited accessibility. To further limit exposure, consider establishing a Zero Trust Access approach, where employees can only work with particular assets and for a limited time.
“The center of authentication policy is the end-user, so the main goal is correctly identifying them. Enterprises are now strengthening their software-defined perimeters via third-party solutions. They offer multi-factor authentication or biometric logins, adding an extra layer of protection. These methods are the most up-to-date cloud cybersecurity measures and the hardest to breach”, comments NordVPN Teams expert.