Credential theft is now the number one cause of data breaches around the world. It’s no longer malware or brute force attacks of some kind, but rather stolen employee login details that cause the most problems for cybersecurity.
Within the last 18 months, 79% of companies have experienced at least one cloud attack. But 43% have seen 10 or more breaches during that time.
With the move to cloud technology over the past several years has been an accompanying shift in the types of attacks that cybercriminals focus on. With most data and operations now being cloud-based, that’s where they target.
A breach of a cloud account, especially if it’s a privileged account, can lead to:
- Your company domain being used to send phishing
- Ransomware infection and ransom demand
- Stolen sensitive information
- Data breach of customer records
- Being locked out of your account
- And more
To ensure your cloud environment is secure, it’s important to put a layered strategy in place, just like you should with on-premises security. This includes protecting the cloud environment itself and the devices connecting to it.
There are four main pillars of cloud security you should address in your IT security strategy.
If a smartphone that logs into your company accounting software has spyware embedded, a hacker could easily gain access to your financials and bank account through that digital connection.
It’s important that any device connecting to your cloud accounts – desktop, laptop, smartphone, tablet, smartwatch – have proper protections from being lost, stolen, or breached by malware.
Standard best practices of device security include:
- Screen lock
- Automated patch & update management
- Endpoint/mobile device manager
- Remote connection to find, lock or wipe a lost or stolen device
We started with the fact that credential theft is now the main cause of data breaches. It’s time to take control of password security and not expect employees to just follow good password practices on their own.
The average person has 100 passwords to keep up with. That’s so many that it would be impossible for someone to remember that many strong and unique passwords for each one even if they wanted to.
Some protections that you should put in place to keep cybercriminals from breaching credentials and conducting insider attacks include:
- Business password manager (provides an encrypted vault to store passwords)
- Multi-factor authentication (the #1 defense against credential theft)
- Forced strong passwords in applications (meaning they reject weak passwords)
- Cloud access monitoring
- Mobile device management (allows you to block any device not on your approved access list)
Network security is more important than ever because the nature of company networks has changed during the pandemic. A company network is no longer just the connections in an office to each device inside that same building. The network now includes anywhere employees are connecting to your company cloud resources, such as at home when working remotely or when on mobile while out and about.
It’s important to have both on-premises and mobile safeguards in place to help ensure your network isn’t breached, which could enable access to user credentials and cloud accounts.
Some of the network security safeguards to have in place include:
- Next-generation firewall
- Virtual Private Network (VPN) (is used on a device and can encrypt data, even when on a public Wi-Fi connection)
- Advanced threat protection monitoring
- Strong router passwords & MFA
- The use of a “guest” network for remote workers to separate business device traffic from home devices
When you initially sign up for a cloud service, one of the first things you should do is have a security professional help you with cloud security configurations. Many companies leave these at the default and leave their accounts at risk as a result.
Misconfiguration of cloud security settings caused 39% of web application data breaches in 2020. Misconfiguration can include both incorrectly setting cloud security too low or just leaving it too low by not changing it from the defaults.
Platforms, such as Microsoft 365, have multiple security settings you can use. But cloud security is a shared responsibility. The cloud service provides the ability to secure your account with various protections against malware and account breaches. However, it is up to the customer to utilize those capabilities and configure their account as needed.
Too many companies neglect to do this and thus leave themselves open to breaches due resulting from misconfiguration.
Schedule a Cloud Security Review Today!
Does your company have each of these four pillars of cloud security addressed properly? Quantum PC Services can help your Sturgeon Bay business review your cloud security and ensure you’re not needlessly vulnerable to a breach.
Contact us today to learn more! Call 920-256-1214 or reach us online.