Connect with us

Hi, what are you looking for?

Editor’s Pick

The leading threats to cloud data security

<?xml encoding=”utf-8″ ??>

As an increasing number of companies become dependent on the cloud, attackers are taking advantage of its large attack surface and inconsistent security protocols.

Many users lack an adequate understanding of their own security responsibilities, which makes their environments vulnerable to attack.

To mitigate this, your organization ought to consider implementing cloud data security solutions. These measures can help you manage risk by monitoring access and notifying you of incidents, which will enable you to catch problems early. As a rule, discovering a breach early reduces the amount of damage an attacker is able to do.

The Cloud is a Big Attack Surface

To compete and thrive in the modern business environment, many companies have had to establish operations in the cloud. Because it reduces infrastructure costs and can improve employee accessibility and efficiency, the cloud has proven to be a valuable asset to a growing company. However, many companies lack a complete understanding of how the cloud works, how to effectively secure their cloud-based data, and what security measures are their responsibility.

Cloud security can be complex. Often, companies utilize multi-cloud environments, which means multiple cloud providers are involved in business operations. For example, an organization might use both Google Drive and Share point for file storage. While this may be useful to the business, differing security protocols across the two providers can result in gaps and vulnerabilities in the environment. Many cloud service providers use the shared responsibility model for security, which means part of the responsibility belongs to the users. Unfortunately, many users don’t understand this, which creates potential exploits.

The Main Threats to the Cloud

When users aren’t aware of their responsibility for their data security, it can be very easy for vulnerabilities to pop up. Some common vulnerabilities associated with the cloud include the following:

Weak credentials. 76% of companies do not require the average user to use multi-factor authentication (MFA).Failing to implement MFA is a big problem, but there is an even more basic threat. According to reports, 53% of organizations permit users to create weak passwords, and 44% allow those users to reuse their passwords. Permitting weak credentials enables attackers to enter your environment more easily, either through brute-force hacking a password or through social engineering attacks.
Unlimited access. Many companies do not adequately limit or monitor access to their data. Employees are able to access more than they need to do their jobs, and in some cases, sensitive data is not appropriately categorized or protected. If an attacker uses employee credentials to access data, unlimited access allows that attacker to move freely through your systems. A limited access protocol would limit the amount of sensitive information an attacker can access.
When data is improperly categorized or misfiled, it may not be appropriately protected. Attackers looking through your files may find your Remote Desktop Protocol (RDP) exposed to the public internet (73% of organizations have this problem). Database services like SQL Server, MySQL, or Redis are exposed in 41% of organizations surveyed. Outside of sensitive protocols, private data was stored outside of the correct, secure locations 63% of the time. This is a field day for an attacker.
Open-source vulnerabilities. As more organizations build their applications on open-source code and then utilize it in the cloud, they put themselves at greater risk of attack. 63% of analyzed source code has critical or high-risk vulnerabilities. Attackers can utilize these known vulnerabilities associated with the original code to exploit your application and either steal data or hold your web app for ransom.
Unpatched vulnerabilities. It’s tricky for security teams to keep up with every new vulnerability discovered in your organization’s environment; however, failure to effectively prioritize and patch can have detrimental impacts. Public-facing cloud services are at a high risk of attack due to their consistent exposure to online activity and the challenges of filtering traffic. So, any unpatched vulnerability can be used as an entry point, especially if your web app doesn’t have firewalls or other protective measures.

Securing Cloud Data and Applications

To minimize your risk of attack, you need cloud data security and application security solutions. Require your users to create strong passwords that include symbols/numbers/ special characters, and do not allow them to reuse these passwords on multiple accounts or devices. Users should change their passwords periodically, and they should not be able to only change a single character of that password. Implement MFA and provide training to help users avoid social engineering or phishing attacks.

Create protocols that limit employee access to data. If certain files are not needed for that employee to do his job, he should not be able to access them. Cloud data security solutions can augment your efforts by monitoring data for unusual access attempts and log who is accessing what data, even if that person does have permission. Automated solutions can alert you when there is suspicious activity or an incident, and they can implement security protocols, data discovery and classification, and compliance reporting.

Despite the risks of cloud-based data storage, it is an essential part of a competitive business structure. However, to use it effectively, you need to consistently monitor and patch your cloud environment while providing training to employees, limiting access to sensitive data, and properly categorizing sensitive data.

Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!



The rapid advancement of digital technologies has gained momentum to a degree that it transformed almost every aspect of modern life. From enhanced and...


Massive construction activities that are ongoing and upcoming across Eastern, Central, and Western Visayas are further driving demand in the region’s construction industry this...


Amidst the picturesque Dole pineapple plantation, SATNET powered by Kacific bridges the connectivity gap. Have you ever wondered how a leading, remote food processing...


US dollar banknotes are seen in this illustration taken July 17, 2022. — REUTERS By Keisha B. Ta-asan, Reporter PHILIPPINE DOLLAR reserves slipped at...


PHILIPPINE STAR/MICHAEL VARCAS By Luisa Maria Jacinta C. Jocson, Reporter THE PHILIPPINE ECONOMY is likely to grow by 6% this year amid strong domestic...


By Kyle Aristophere T. Atienza, Reporter ECONOMISTS are worried about the alleged failure of Philippine lawmakers to take into account the health of state-owned...

You May Also Like


COVID-19 has had a significant impact on the mental health of Filipinos across different groups all over the archipelago. From frontline workers, parents balancing...


REUTERS By Luz Wendy T. Noble, Reporter The country’s foreign exchange buffers slightly increased as of end-October as the value of the central bank’s...


BW FILE PHOTO GROSS BORROWINGS by the National Government reached P2.6 trillion as of end-September as it continued to raise funds to respond to...


KARASOLAR.COM TENA, Ecuador — Ecuador’s rainforest Achuar people say their ancestors long dreamed of a “fire canoe” or “electric fish” that would let them...

Disclaimer: Respect, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2022 Respect Investment. All Rights Reserved.