Security in the Cloud
Information Bleed
with multiple customers processing and storing data over the same infrastructure, there is the possibility that data belonging to one customer will be read or received by another
Countermeasures for loss of physical control
you can use all of the protections listed in the internal threats, theft/loss of devices, and loss of policy control entries to this list
Concerns with community clouds are: loss of policy control, loss of physical control, and lack of audit access
Concerns with community clouds are: loss of policy control, loss of physical control, and lack of audit access
Concerns with private clouds are: malware, internal threats, external attackers, MITM Attacks, social engineering, theft/loss of devices, regulatory violations, and natural disasters
Concerns with private clouds are: malware, internal threats, external attackers, MITM Attacks, social engineering, theft/loss of devices, regulatory violations, and natural disasters
Concerns with public clouds are: rogue administrator, escalation of privilege, and contractual failure
Concerns with public clouds are: rogue administrator, escalation of privilege, and contractual failure
Potential emergent BIA concerns include, but are not limited to, the following: new dependencies, regulatory failure, data breach/inadvertent disclosure, and vendor lock-in/lock-out
Potential emergent BIA concerns include, but are not limited to, the following: new dependencies, regulatory failure, data breach/inadvertent disclosure, and vendor lock-in/lock-out
Risks in the public cloud that do not exist in other models are as follows: conflict of interest, escalation of privilege, information bleed, and legal activity
Risks in the public cloud that do not exist in other models are as follows: conflict of interest, escalation of privilege, information bleed, and legal activity
Risks that all private cloud operators face include the following: personnel threats, natural disasters, external attacks, regulatory noncompliance, and malware.
Risks that all private cloud operators face include the following: personnel threats, natural disasters, external attacks, regulatory noncompliance, and malware.
Risks that exist with IaaS motif are personnel threats, external threats, and lack of specific skillsets
Risks that exist with IaaS motif are personnel threats, external threats, and lack of specific skillsets
Risks that exist with PaaS motif are interoperability issues, persistent backdoors, virtualization, and resource sharing
Risks that exist with PaaS motif are interoperability issues, persistent backdoors, virtualization, and resource sharing
Risks that exist with SaaS motif are proprietary formats, virtualization, and web application security
Risks that exist with SaaS motif are proprietary formats, virtualization, and web application security
Some factors to consider when selecting a cloud provider include the following: provider longevity, core competency, jurisdictional suitability, supply chain dependencies, and legislative environment
Some factors to consider when selecting a cloud provider include the following: provider longevity, core competency, jurisdictional suitability, supply chain dependencies, and legislative environment
The benefits of community cloud are resiliency through shared ownership, shared costs, and no need for centralized administration for performance and monitoring.
The benefits of community cloud are resiliency through shared ownership, shared costs, and no need for centralized administration for performance and monitoring.
The customer is concerned with data, whereas the provider is concerned with security and operation. TRUE
The customer is concerned with data, whereas the provider is concerned with security and operation. TRUE
The customer wants to refute control, deny insight, and refrain from disclosing any information used for malicious purpose. FALSE
The customer wants to refute control, deny insight, and refrain from disclosing any information used for malicious purpose. FALSE
The customer's ultimate legal liability for data it owns remains true even if the provider's failure was the result of negligence. TRUE
The customer's ultimate legal liability for data it owns remains true even if the provider's failure was the result of negligence. TRUE
The risks and responsibilities will be shared between the cloud provider and customer. TRUE
The risks and responsibilities will be shared between the cloud provider and customer. TRUE
There are several things an organization can do to enhance the portability of its data: ensure favorable contract terms for portability, avoid proprietary formats, ensure there are no physical limitations to moving, and check for regulatory constraints
There are several things an organization can do to enhance the portability of its data: ensure favorable contract terms for portability, avoid proprietary formats, ensure there are no physical limitations to moving, and check for regulatory constraints
Declaration
a crucial step in the BC/DR process; the cloud customer and provider must decide, prior to the contingency, who specifically will be authorized to make this decision and the explicit process for communicating when it has been made
Private Cloud
a legacy configuration of a datacenter, often with distributed computing and BYOD capabilities; the organization controls the entire infrastructure (hardware, software, facilities, administrative personnel, security controls, and so on)
Personnel Threats
a malicious or negligent insider can cause significant negative impact, as they have physical access to the resources
Cloud Operations, Cloud Provider as Backup
an attractive benefit of this cloud backup is the resiliency and redundancy offered by cloud datacenters, especially from market leaders; cloud providers might offer a backup solution as a feature of their service- a backup located at another datacenter owned by the provider in case of disaster-level events; the provider will have the responsibility for determining the location and configuration of the backup and most of the responsibility for assessing and declaring disaster events
Rogue Administrator
an enhanced form of the insider threat
Guest Escape (Virtual Machine Escape)
an improperly designed or poorly configured virtualized machine or hypervisor might allow for a user to leave the confines of their own virtualized instances
Countermeasures for Malware
antimalware applications employed in actual host devices and virtualized instances; specific training for all users regarding the methods used for introducing malware into a cloud environment; network monitoring; updates and patches
Escalation of Privilege
authorized users may try to acquire unauthorized permissions
Countermeasures for Internal Threats
background checks, resume/reference confirmation, and skills and knowledge testing should be conducted
Vendor Lock-Out
can be caused when the cloud provider goes out of business, is acquired by another interest, or ceases operation for any reason; the concern is whether the customer can still readily access and recover their data
Legal Activity
data and devices within a datacenter may be subpoenaed or seized as evidence in a criminal investigation or as part of discovery for litigation purposes
Portability
describes the general level of ease or difficulty when transferring data out of a provider's datacenter (regardless of whether it's being moved to another provider or to a private cloud)
Countermeasures for MITM Attacks
encrypt data in transit, including authentication activity; secure session technology and enforcement
Countermeasures for theft/loss of devices
encryption of stored material to attenuate the efficacy of theft, strict physical access controls, limited or no USB functionality, detailed and comprehensive inventory control and monitoring, and remote wipe or kill capability for portable devices
Countermeasures for escalation of privilege
extensive access control and authentication tools and techniques should be implemented; also include analysis and review of all log data by trained, skilled personnel on a frequent basis, combined with automated tools such as SIEM, SIM, and SEM solutions
Social Engineering
hackers use their social skills to trick people into revealing access credentials or other valuable information
Countermeasures for External Attackers
hardened devices, hypervisors, and virtual machines, with a solid security baseline and thorough configuration and change management protocols, as well as strong access controls, possibly even outsourced to a third party such as a CASB
Public Cloud
has the most focus in the CCSP CBK and the model that most likely to provide the most benefit to the greatest number of cloud customers; a company offers cloud services to any entity that wants to become a cloud customer, be it an individual, company, government agency, or other organization; organization could lose control, oversight, audit, and enforcement capabilities-basically, all the assurance of maintaining a private cloud internal to the organization
Countermeasures for Regulatory Violations
hire knowledgeable trained personnel with applicable skillsets
Private Architecture, Cloud Service as Backup
if the organization maintains its own IT enterprise, BC/DR plans can include the use of a cloud provider as the backup; in this methodology, the customer should determine when failover will occur-that is, the customer can decide what constitutes an emergency situation and when normal operations will cease and the backup will be utilized as the operational network; failover might take the form of using the cloud service as a remote network, or it might require downloading the backup data from the cloud to another site for contingency operations
Countermeasures for lack of audit access
if the provider refuses to allow the customer to directly audit the facility, the customer must rely on a trusted third party isntead; if the provider limits access to full third-party reports, the customer must insist on contractual protections to transfer as much of the financial liability for security failures to the provider as possible, including additional punitive damages
Regulatory Noncompliance
in private configurations, full control resides internally, and the organization can know its exact regulatory exposure and confidently ensure that is is complying with all relevant regulations
Natural Disasters
in the private cloud, the organization knows exactly how prepared they are to cope with this situation and how often, what kind, and where backups are done
Countermeasures for rogue administrator
include all countermeasures listed in internal threats, with additional physical, logical, and administrative controls for all privileged accounts and personnel, including thorough and secure logging of all administrative activities, locked racks, monitoring of physical access to devices in real time, implementation of surveillance, and financial monitoring of privileged personnel
Hybrid Cloud
include all the risks of the various models they combine
Attack's on the Hypervisor
instead of attacking a virtualized instance, malicious actors might attempt to penetrate the hypervisor, which is the system that acts as the interface and controller between the virtualized instances and the resources of the given host devices on which they reside
Countermeasures for loss of policy control
strong contractual terms should be employed that ensure the provider is adhering to a security program that is at least as effective and thorough as what the customer would institute in an enterprise the customer owned and controlled
Man-in-the-Middle Attacks
the colloquial term for any attack where the attacker inserts themselves between the sender and receiver; this can take the form of eavesdropping to acquire data, or it can be a more advanced attack, such as the attacker posing as one of the participants in order to gain further control/access or modifying data traffic to introduce false or damaging information into the communication
The Brewer-Nash Model
the concept of aligning separation of duties and least privilege with dataflows to prevent conflicts of interest; introduced the concept of allowing access controls to change dynamically based on a user's previous actions
Interoperability Issue
the customer's software may not function properly with each new adjustment in the environment if the OS is updated by the provider
Vender Lock-In
the expense and trouble of moving the data out of the provider's datacenter could be crippling to the organization, especially if the organization chose to do so before the end of the contract term; this could make the organization hostage of the provider and allow the provider to decrease service levels and/or increase prices as the provider see fit
Resource sharing
the programs and instances run by the customer will operate on the same devices used by other customers
Virtualization
the threats are enhanced because even more resource sharing and simultaneous multitenancy is going to occur
External Attacks
these attacks can take many forms, such as unauthorized access, eavesdropping, DOS/DDoS, and so on
Malware
this can be considered an external or internal threat, depending on the source of the infection
Countermeasures for contractual failure
to protect against vender lock-in/lock-out, the customer might consider full offsite backups, secured and kept by the customer or a trusted third-party vendor, for reconstitution with another cloud service provider in the event of severe contractual disagreement
Countermeasures for Social Engineering
training to identify personnel who resist social engineering attempts and bring them to the attention of the security office
The three basic ways of using cloud backups for BC/DR are what?
1. Private Architecture, Cloud Service as a Backup 2. Cloud Operations, Cloud Provider as Backup 3. Cloud Operations, Third-Party Cloud Backup Provider
Countermeasures for legal seizure
legal action might result in unaccounnced or unexpected loss or disclosure of the organization's data
Data Seizure
legal activity might result in a host machine being confiscated or inspected by law enforcement or plaintiffs' attorneys, and the host machine include virtualized instances belonging to your organization, even though your organization was not the target
Conflict of Interest
provider personnel who administer your data and systems should not also be involved with any of your competitors who might also be that provider's customers
Countermeasures for natural disasters
redundancy for all systems and services for the datacenter, including ISP's and utilities
Cloud Operations, Third-Party Cloud Backup Provider
regular operations are hosted by the cloud provider, but contingency operations require failover to another cloud provider; the customer may opt for this selection in order to distribute risk, enhance redundancy, or preemptively attenuate the possibility of vender lock-out/lock-in; this may be the most complicated BC/DR arrangement to negotiate because it will have to involve preparations and coordination between all three parties, and roles and responsibilities must be explicitly and thoroughly delineated; both the primary cloud provider and the cloud customer will take part in emergency assessment and declaration, and failover may require joint effort
Community Cloud
resources are shared and dispersed among an affinity (similar) group; infrastructure can be owned and/or operated jointly, individually, centrally, across the community, or in any combination and mixture of these options