Cloud Security: is identity becoming the new perimeter?
This statement came up during a discussion on Cloud Security, and more specifically on the use of SaaS applications. Very often, the only barrier between the end user and the application, is the identity of the user. This is most certainly the case for Cloud environments because their main goal is providing access to applications anywhere, anytime and on any device.
Strong or multi-factor authentication: part of a bigger whole
If you want no cloud of suspicion, strong or multi-factor authentication is key, especially in such environments. It is your main form of protection. Strong authentication ensures that unwanted users are unable to login using your credentials and then obtain confidential data. In the worst case, they can even modify data in an application without you noticing it. It is obvious that multiple security risks occur when your credentials are stolen.
Enabling this strong authentication usually is part of a larger Identity and Access Management solution that typically also provides single-sign-on and the provisioning and de-provisioning of users in cloud applications.
Behavior monitoring through CASBs
A second, and very important measure to protect your cloud applications, is to monitor the users’ behavior. This can be done by so-called Cloud Access Security Brokers or CASBs. Generally, these solutions are placed between the user and the cloud application. They provide security functionalities such as anomaly detection, threat detection, DLP, encryption… For the most used applications, Application Program Interface (API) connections are also available for traffic that cannot be proxied. That way, the monitoring and security of users having direct access to the SaaS applications can be assured.
Both IAM and CASB solutions can be combined in order to have a complete visibility and security solution for your cloud applications. To have an even stronger security, it is advised to log all your events to a Security Information and Event Management (SIEM) solution. If the SIEM is supplemented with a User and Entity Behavioral Analysis (UEBA) module, you can get the best protection possible.
So, as you can see, every cloud has a silver lining and can be protected with correct security measures. For more information about this topic and the solutions mentioned, please contact us.