Are phishing attacks on cloud data preventable?
Wednesday, September 17, 2014/
Today one of the greatest threats to your data in the cloud is phishing attacks that collect your staff username and password.
Once an attacker has this data, they can make use of a simple login and abuse and collect methods to damage or harvest information. There is no doubt that this sort of malicious activity can be entirely detrimental to the quality and control of your data.
Certainly, manipulated data can be recovered from an archive or backup if the manipulation is noticed. The cloud service provider can alert you if a new login location or device is detected, but they cannot entirely stop this sort of attack.
This means we need to find other ways to protect the data at rest on these cloud services so that the hacker armed with your staff login credentials is not given carte blanche to read and download corporate information.
Part of the solution is an encryption gateway product such as Vaultive for the Microsoft stack. An encryption gateway adds a layer of protection to data leaving your controlled network so that the data in use, in transit and at rest is encrypted with 256-bit encryption to stop would-be attackers or other agencies from viewing the data.
This also protects you from the staff of the cloud service provider and any other agency that legitimately gains access to the administrative rights of the server. Unless the data travels back via the encryption gateway and is unencrypted using your corporate encryption key it cannot be read.
The important feature of this sort of device is that your organisation generates the encryption key and stores it in your own safe storage. It is not a service provided by the cloud service provider, so they do not hold a key and do not have a back door to your data. You can also control which devices and how those devices access your encryption gateway, so now you are in control of your data.
Of course, once the devices are set up to use the gateway your staff do not even need to know that their data is encrypted. So long as they are recognised by the gateway it will not have any impact on them.
When the hackers hit your cloud provider it will be great to know that yours is the data they could not read.
If you wish to destroy data that is in backup or in archive it is as simple as destroying the encryption key that data was encrypted with, so managing keys by date or by organisational unit gives more granular control of when data is made unavailable. Key rotation becomes your best line of defence.
There are many factors driving organisations to make use of cloud solutions, with a key one being cost of deployment, so there is a degree of inevitability that your organisational data will progress to the cloud.
It is no wonder that encryption gateway products are becoming one of the hottest security products in the marketplace today.
Analysts are suggesting that there are many components to remaining safe in the cloud, from identity management tools to device management tools and on to biometric logon and others. Encryption gateways are just part of the story that is now unfolding to resolve the overhanging issue of cloud security. If you are not sure what solutions you require for your organisation, seek assistance before your organisation hits the press as having the latest breached system.
David Markus is the founder of Combo – the IT services company that is known for solving business problems with IT. How can we help?