Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East, kicks off this month’s Editor’s Question below, focusing on cloud data protection.
Every organisation has serious concerns about data protection, but small- and medium-sized enterprises (SMEs) with little budgets should take particular notice. According to Check Point Software’s 2024 Cloud Security Report, cloud security incidents have surged, with 61% of organisations reporting breaches in the past year. This alarming trend underscores the ever-increasing risk in cloud environments and highlights the urgent need for robust data protection strategies.
For SMEs, adopting a preventive-first approach to securing the cloud is essential. Despite the rising incidence of breaches, only 21% of organisations prioritise preventive measures. Taking a proactive stance on security can pre-empt potential threats. SMEs should leverage advanced security solutions, particularly those incorporating Artificial Intelligence (AI), to predict and prevent attacks. AI-powered Web Application Firewalls (WAFs) are crucial, offering immediate protection against zero-day exploits without relying on signature-based detection.
Data security breaches now rank as the most common cloud security incident, reported by 21% of organisations. To safeguard sensitive data, SMEs should focus on Cloud Security Posture Management (CSPM) and Data Security Posture Management (DSPM). These tools enable effective policy management, control identification of misconfigurations and provide real-time visibility into stored sensitive data, its accessibility and usage. This is especially critical given the rising misuse of cloud services and configuration errors.
Other than that, organisations should consider advanced network security solutions that scale with their cloud infrastructure. These solutions should seamlessly integrate and offer comprehensive protection, supporting both macro- and micro-segmentation and unified policy management across cloud platforms. Incorporating AI into these systems enhances detection and prevention capabilities against sophisticated cyberthreats, including zero-day attacks.
The integration of a Cloud Native Application Protection Platform (CNAPP) proves highly valuable for SMEs, offering a unified approach to securing the cloud. CNAPP solutions consolidate Cloud Security Posture Management, Cloud Workload Protection, Cloud Infrastructure Entitlement Management, Cloud Detection and Response and Code Security. This integration streamlines security processes, reducing manual inefficiencies and enhancing overall protection.
Finally, to address the shortage of skilled cybersecurity professionals, organisations should invest in advanced training and development for existing staff to bridge the skills gap. Additionally, consulting services can aid in integrating security solutions across various tools and platforms, optimising resource utilisation. SMEs can also benefit from managed CNAPP services, seamlessly integrating with their IT and InfoSec operations to enhance monitoring, configuration, policy tuning, incident management and troubleshooting. This holistic approach compensates for the shortage of skilled personnel and ensures continuous protection.
Sergei Serdyuk, VP of Product Management, NAKIVO:
When it comes to security, SMBs often find themselves grappling with limited resources compared to their larger counterparts. That does not mean security should be overlooked or put off until later. Even on a smaller scale, prioritising security can help SMEs protect data, prevent unauthorised access and reduce the risk of financial, reputational or legal losses.
Whether for a public or private cloud environment, properly protecting cloud storage requires a comprehensive approach, combining policies, technical controls and best practices.
Choosing a well-established, reputable provider with a strong track record in security and compliance is a crucial step for smaller organisations in securing their public cloud storage. The security practices of the cloud provider should be carefully reviewed by SMEs, including data encryption, access controls and incident response protocols. A thorough understanding of the cloud provider’s shared responsibility model is vital for clarity on security aspects they are responsible for.
SMEs should also classify their data based on sensitivity levels to apply appropriate security measures. Not all data needs the same level of protection.
Access control and authentication. Implementing strong authentication mechanisms such as multi-factor authentication (MFA) will prevent unauthorised access, while also setting up role-based access controls (RBAC) to ensure that users have the minimum necessary permissions.
By combining strong password management practices with multi-factor authentication, SMEs can significantly reduce the risk of unauthorised access, data breaches and other security threats to their cloud storage systems. Users are required to provide something they know (password) and something they have (second authentication factor), creating a more robust and layered security approach.
Regular security and compliance audits should be conducted to assess the effectiveness of the organisation’s security measures and ensure compliance with industry standards.
Regular monitoring can be conducted by setting up robust logging and monitoring systems to detect and respond to any suspicious activities within private cloud. Monitoring plays a crucial role in enhancing the security of cloud data storage by providing continuous visibility into the environment, detecting anomalies and enabling swift response to potential threats. SMEs can continuously monitor the cloud environment for unusual activities using security information and event management (SIEM) tools.
Data backup and recovery. Carrying out regular data backups and testing data recovery processes will help ensure Business Continuity in case of data loss.
Deploying robust backup and disaster recovery solutions to ensure data availability and resilience in case of incidents is a vital measure.
Implementing backups for data stored in the cloud can significantly enhance cloud storage security by providing an additional layer of protection against data loss, breaches and unforeseen events. Backups involve creating duplicate copies of data and storing them in separate locations, ensuring data resilience and mitigating risks.
Jakob Østergaard, CTO, Keepit:
As companies are increasingly moving critical data to the cloud, a robust data protection strategy is key for any SME. Access and control of data is the foundation of any business and with cyberthreats on the rise, it’s important for companies to look under the hood and assess their backup and recovery capabilities.
Assessing your company’s data protection health can be done with the following, easy steps:
- Identify critical business processes and systems. Start your backup policy by listing critical business processes and data crucial for Business Continuity. This includes safeguarding, for example, customer data, financial records and intellectual property, as well as aligning with any local compliance regulations, such as GDPR.
- Protect identity systems. Recognise the central role of identity systems, such as Entra ID and Okta, in user authentication and authorisation data. Protecting these systems is paramount to reducing the risk of unauthorised access and data breaches as they define who can access what inside a company’s network.
- Ensure regular backups and establish retention periods. Implementing a well-structured backup schedule or automated scheduling to ensure regular backups will bring peace of mind and ensure you’re in control of your data. Customise your retention periods to your business and ensure you’re in compliance.
- Define recovery procedures and test them regularly. Establish clear procedures for restoring data following a loss. Specify responsibilities, access protocols and determine the priority of data recovery. Regularly test backups to verify their ability to be swiftly and accurately restored in the event of data loss.
- Choose a backup and disaster recovery partner. After implementing the framework, you’re ready to explore solutions tailored to your requirements. When selecting a vendor, adhere to industry best practices for data protection.
A well-structured backup policy is indispensable in any organisation’s IT strategy, serving as a safeguard against data loss or corruption. It provides assurance that critical data remains protected, retained and promptly recoverable.
Chris Harris, EMEA Technical Associate Vice President, Data Security, Thales:
Cloud security is now at the heart of business security concerns, according to Thales’ Data Threat Report, with 72% of organisations citing this as an ongoing issue in the age of cloud computing. With many SMEs facing additional security concerns, given they often have fewer dedicated security teams and less robust defences in place, protecting cloud data is of paramount importance in today’s climate. With this in mind, here are some best practice tips for SMEs looking to strengthen their cloud data protection:
Prioritise compliance
Enterprises that successfully passed their security audits had significantly lower chances of cloud data breach. According to the 2024 Thales Cloud Security Study, 14% of respondents reported a cloud data breach in the last 12 months, compared to only 4% of those that passed their compliance audits. What may seem like a mundane tick-box exercise is clearly a critical requirement to ensure defences are robust enough to stay ahead of an ever-changing landscape.
Take a proactive approach
Although complying with requirements is essential, taking a proactive approach is especially important as the landscape rapidly develops and changes form. Businesses should continually assess and audit their defences and change how they’re authenticating their systems and data accordingly.
Instead of waiting for the eventuality of a breach, business leaders can also practice proactive tabletop exercises, so they are prepared should an attack take place. This allows them to tackle weaknesses and vulnerabilities that emerge ahead of real threats.
Address lack of encryption:
There is an alarming lack of encryption across cloud data, according to Thales’ research. Less than 10% of enterprises said they have encrypted 80% or more of their sensitive cloud data. SMEs need to roll out widespread encryption to ensure data – whether at rest or in transit – is safeguarded against unauthorised access.
Segment access
The 2024 Thales Cloud Security Study found that 47% of data in the cloud is sensitive, making the implementation of access controls more important than ever. Businesses should segment access to ensure only essential personnel can reach sensitive data. Additionally, implementing multi-factor authentication (MFA) requires users to verify their access rights through multiple authentication factors.
Tackle human error
Thales’ 2024 Data Threat Report revealed human factors are still a major cause of cloud data breaches, with cybercriminals capitalising on the human propensity to make mistakes in order to capture sensitive credentials or gain access to the cloud.
From a technical perspective, SMEs can consider shifting from passwords to biometrics or other stronger, easier-to-use systems like passkeys. This reduces reliance on the human memory of their workforce. When developing defences and rolling out security policies, it’s important to consult employees about their preferences to ensure the measures are feasible and not subject to workarounds.
From a behavioural perspective, cybersecurity awareness training is critical to build cyber literacy across the organisation. This training encourages critical thinking to spot threats like phishing emails and promotes a culture of collective responsibility, highlighting the role employees play in protecting both themselves and the organisation.
Aslam Tajbhai, Head of Solutions at Data Management Professionals South Africa:
As businesses embrace Digital Transformation, SMEs are rapidly adopting cloud technology to boost productivity and efficiency. However, this shift also brings the challenge of protecting sensitive data from the growing threat of cyberattacks. Every organisation must have a comprehensive cyber-resiliency strategy. This strategy combines data management and security measures to ensure quick data recovery in case of a cyber incident or disaster.
Identifying critical data, categorising servers and applications by importance and regularly testing recovery processes in controlled environments are essential steps for SMEs to enhance their security posture.
Simplifying data protection solutions
To effectively manage data protection, SMEs should keep their solutions simple. Using multiple complex systems can create vulnerabilities; instead, a unified platform that streamlines protection across all environments, whether on-premises, in the cloud or on endpoint devices, is recommended. A straightforward licensing model, where SMEs only pay for what they use, can reduce costs and simplify management.
Optimising bandwidth for cloud transition
As SMEs transition to the cloud, optimising bandwidth becomes essential. Utilising data protection solutions with advanced deduplication and compression capabilities can minimise network congestion, which is particularly beneficial for organisations with limited Internet bandwidth. Additionally, ensuring cloud mobility allows businesses to shift between cloud providers, preventing lock-in and enabling them to choose the best services.
Prioritising backup data security
With cybercriminals increasingly targeting backup data, it is crucial for SMEs to implement stringent security measures. Backup data should be stored in secure, separate locations with strict access controls and two-factor authentication. Implementing authorisation workflows for deleting and restoring data can further safeguard against unauthorised actions. Using air-gapped, ransomware-protected environments ensures that a clean copy of data is always available for recovery.
The importance of encryption
Encrypting all data, both during transmission and at rest, is vital to ensure that intercepted data remains unreadable to unauthorised users. This practice significantly enhances overall data security and protects sensitive information from potential breaches.
By embracing best practices in data protection, organisations can effectively shield their information from evolving cyberthreats, fostering a secure environment that empowers employees, clients and stakeholders. This proactive approach not only enhances trust and confidence among team members, encouraging greater engagement with digital tools, but also strengthens customer trust by ensuring the careful handling of personal and financial information.
Moses Munguti, Technical Expert in Sub-Saharan Africa at Kaspersky:
Kaspersky research has found that SMEs are increasingly being targeted by cybercriminals with the number of infections in January-April 2024 rising by 5% compared to the same period of last year. There were 4,110 unique malware and unwanted software files distributed under the guise of SMB-related software. This represents an 8% increase year-on-year and suggests an ongoing rise of attacker activity towards SMEs.
In recent years, more SMEs have turned to cloud services to streamline operations and provide an increasingly hybrid workforce with access to data and applications regardless of geographic location. However, these cloud services are not without risk. Even though the cloud has its own specific threats, there are several similarities to on-premises environments. For instance, system vulnerabilities due to users not installing regular security updates and software patches. Poor password hygiene and a lack of user awareness of the risks associated with the cloud are other concerns.
Additional cyberhygiene measures to consider include using multi-factor authentication for access to remote services and performing frequent backups of essential data. Good business practices and complying with the SME’s security policy must be enforced to further strengthen the security environment.
With data being one of an SME’s most valuable assets, safeguarding it with encryption, access controls and regular backups must be a priority. Even though many small business owners assume their cloud provider will protect their data, it is a shared responsibility between both organisations. Of course, an SME must choose a reputable cloud provider with a strong track record of authentication measures.
Beyond that, the SME needs to consider implementing its own solutions that can monitor cloud environments for potential threats. For example, Kaspersky Next keeps data safe with advanced security management for all endpoints while watching for emerging threats and cloud-based vulnerabilities.
When it comes to the cloud, the attack surface is a wide one with every employee device that connects to the cloud a potential entry point for a cybercriminal. Reducing this surface is therefore critically important. In practice, this means disconnecting unnecessary open ports or disabling unused services to limit potential entry points for attackers.
Beyond these tips, one of the best ways for any SME to mitigate cloud threats is to adopt a Zero Trust model. This means the business must treat any attempt at gaining access to data as a potential threat until it is proven otherwise. Therefore, each user, device and application must pass the authentication procedure before it can access the data at hand whether stored on-premises or in the cloud.
Of course, these best practice tips focus on the technology aspects of improving cloud data protection. Human error, often due to poor cybersecurity awareness, is another significant vulnerability for SMEs. SMEs should therefore continually educate employees on cybersecurity best practices. By knowing how to recognise potential threats, staff can become a vital ally in the fight against hackers.