What are the security risks of enterprise cloud migration and how can they be mitigated? What are some specific...
pitfalls companies should be aware of when they move systems or applications to cloud platforms, and how can they ensure a secure cloud migration?
One of the main risks involved in a cloud migration is that the apps or systems that worked well in the physical, on-premises IT environment can often fail on a cloud platform. Security and performance issues that were fixed or weren't visible in house may reappear in the cloud.
Some enterprises assume all cloud providers have security tools to protect sensitive data against cloud attacks. However, cloud users have limited or no control over the security tools providers use to make cloud services more secure.
Ransomware is another concern in ensuring a secure cloud migration. In a November 2016 survey, Check Point Software Technologies found most of the companies it surveyed were "concerned about recent ransomware attacks." The respondents perceived corporate data residing in the cloud as vulnerable to hacked APIs, data breaches and denial-of-service attacks. They also felt that corporate data wasn't properly protected from ransomware attacks.
Here are three potential migration pitfalls and recommendations to ensure a secure cloud migration:
1. APIs for apps that ran well in house are hackable.
To avoid this, the company should check APIs for vulnerabilities in a test environment. App behavior should be changed to mitigate the risks of APIs being hacked in the cloud.
2. The security tools provided by the cloud providers don't protect corporate data.
To ensure a secure cloud migration, the company should implement plans and policies on data protection tools. A cloud provider should give the company a list of security tools. The list should help determine what additional security tools are needed to protect the company's data.
3. Well-behaved apps and systems in the cloud need audits.
The company should perform periodic audits to mitigate the risks of exploiting new vulnerabilities that could lead to denial-of-service or other types of attacks. The audits should help the company ensure plans, policies and security controls are properly in place.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Dig Deeper on Cloud Patch Management and Cloud Configuration Management
Related Q&A from Judith Myerson
The Constrained Application Protocol underpins IoT networks. But the protocol could allow a threat actor to launch an attack. Continue Reading
Dutch researchers discovered flaws in ATA security and TCG Opal affecting self-encrypting drives. What steps can you take to guard data stored on ... Continue Reading
The Signal Desktop application was found to be making decryption keys available in plaintext. Learn how the SQLite database and plaintext passwords ... Continue Reading