Here are five best practices for cloud security


Cloud security is a fundamentally new landscape for many companies. While many of the security principles remain the same as on-premises, the implementation is often very different. This overview provides a snapshot of five best practices for cloud security: identity and access control, security posture management, apps and data security, threat protection and network security.

1. Strengthen access control

Traditional security practices are not enough to defend against modern security attacks. Therefore, the modern security practice is to “assume breach”: protect as though the attacker has breached the network perimeter. Today, users work from many locations with multiple devices and apps. The only constant is user identity, which is why it is the new security control plane.

Institute multifactor authentication

Provide another layer of security by requiring two or more of the following authentication methods:
• Something you know (typically a password)
• Something you have (a trusted device that is not easily duplicated, like a phone)
• Something you are (biometrics)

Take advantage of conditional access

Master the balance between security and productivity by factoring how a resource is accessed into an access control decision. Implement automated access control decisions for accessing your cloud apps that are based on conditions.

Operate in a zero trust model

Verify the identity of everything and anything trying to authenticate or connect before granting access.

2. Improve security posture

With more and more recommendations and security vulnerabilities identified, it is harder to triage and prioritise response. Make sure that you have the tools you need to assess your current environments and assets and identify potential security issues.

Improve your current posture

Use a tool like Secure Score in Azure Security Centre to understand and improve your security posture by implementing best practices.

Educate stakeholders

Share progress on your secure score with stakeholders to demonstrate the value that you are providing to the organisation as you improve organizational security.

Collaborate with your DevOps team on policies

To get out of reactive mode, you must work with your DevOps teams in advance to apply key security policies at the beginning of the engineering cycle as secure DevOps.

3. Secure apps and data

Protect data, apps and infrastructure through a layered, defence-in-depth strategy across identity, data, hosts and networks.

Encryption

Encrypt data at rest and in transit. Consider encrypting data at use with confidential computing technologies.

Follow security best practices

Ensure your open source dependencies do not have vulnerabilities. Additionally, train your developers in security best practices such as the Security Development Lifecycle (SDL).

Share the responsibility

When a company operates primarily on-premises, it owns the whole stack and is responsible for its own security. Depending on how you use the cloud, your responsibilities change, with some responsibilities moving to your cloud provider.
• IaaS: for applications running in virtual machines, more of the burden is on the customer to ensure that both the application and OS are secure.
• PaaS: as you move to cloud-native PaaS, cloud providers like Microsoft will take more of the security responsibility at the OS level itself.
• SaaS: at the SaaS level, more responsibility shifts away from the customer. See the shared responsibility model.

4. Mitigate threats

Operational security posture – protect, detect and respond – should be informed by unparalleled security intelligence to identify rapidly evolving threats early so you can respond quickly.

Enable detection for all resource types

Ensure threat detection is enabled for virtual machines, databases, storage and IoT. Azure Security Centre has built-in threat detection that supports all Azure resource types.

Integrate threat intelligence

Use a cloud provider that integrates threat intelligence, providing the necessary context, relevance and prioritization for you to make faster, better and more proactive decisions.

Modernise your security information and event management (SIEM)

Consider a cloud-native SIEM that scales with your needs, uses AI to reduce noise and requires no infrastructure.

5. Protect the network

We’re in a time of transformation for network security. As the landscape changes, your security solutions must meet the challenges of the evolving threat landscape and make it more difficult for attackers to exploit networks.

Keep strong firewall protection

Setting up your firewall is still important, even with identity and access management. Controls need to be in place to protect the perimeter, detect hostile activity and build your response. A web application firewall (WAF) protects web apps from common exploits like SQL injection and cross-site scripting.

Enable Distributed Denial of Service (DDoS) Protection

Protect web assets and networks from malicious traffic targeting application and network layers, to maintain availability and performance, while containing operating costs.

Create a micro-segmented network

A flat network makes it easier for attackers to move laterally. Familiarise yourself with concepts like virtual networking, subnet provisioning and IP addressing. Use micro-segmentation, and embrace a whole new concept of micro perimeters to support zero trust networking.

As more businesses move their operations to the cloud, here is what to know about the hybrid cloud.

Cloud security tips from Microsoft Azure.


SheHacks, Microsoft collaborate to empower women in Kenya with Cybersecurity Engineering skills


Microsoft at SheHacks HackFest 2019

Microsoft is partnering with SheHacks Kenya to co-host this year’s HackFest event, a move that showcases Microsoft’s commitment to supporting and advocating for Kenyan women and minorities with an interest in cybersecurity engineering. The two-day festival is taking place at the Strathmore University Business School in Nairobi.

Day 1 at HackFest 2019: SheHacks

Microsoft General Manager, Cybersecurity Engineering, Hayden Hainsworth, was the keynote speaker at the event. She expressed the company’s delight to partner with SheHacks for this year’s Hackathon.

“We want to inspire the next generation of cybersecurity engineers, with a focus to prepare women to thrive in the technology industry. We also want to make it easy for anyone to take their next step forward in technology,” Hayden says, highlighting the importance of the partnership and event in developing competency in tackling cyber threats in a rapidly evolving tech ecosystem.

Pratik Roy, Microsoft Modern Workplace and Security Business Group Lead, speaks on the principles of kill-chain at HackFest 2019

“We have seen tremendous growth in the number of young women who want to participate since we founded this initiative,” SheHacks founders Evelyn Kilel and Laura Tich share, emphasizing the need for increased support towards the youth in Kenya. To support this, they share that this year’s HackFest will host close to 300 young ladies from across Kenya.

Hackfest 2019 will firstly bring together learners and experts to share knowledge and experience. Secondly it will try to inspire and nurture others to join the cybersecurity industry. Thirdly it will equip and empower them with the required technical know-how to combat cyber-crime.

Microsoft supports Women In Tech

Microsoft continues to show increased support to encourage women in technology in the region. The company introduced the LEAP engineering accelerated apprenticeship program for women in Lagos and Nairobi. Microsoft 4Afrika also collaborated with Strathmore University to extend Microsoft’s Women In Software Engineering Mentoring (WISE) Program into Africa.

Simple cybersecurity measures small businesses should prioritize to ensure they remain secure


David Weston, Microsoft Partner Director of Enterprise and Operating System Security, shares cybersecurity tips for small businesses.

He shares three security fundamentals and best practices that businesses should follow to stay safe. We note down the points. Watch the video below for full details.

  • Multi-Factor authentication
  • Regular Update of your Operating System
  • Opt for a system with preconfigured security features

David is also principal security group manager of Microsoft’s Windows offensive security research team also known as the Red Team.

Check out other cybersecurity tips that small businesses can prioritize to remain secure. Learn How To Protect Yourself From Tech Support And Online Scams.

Cybersecurity is a central challenge of our digital age; Microsoft Hosts Cybersecurity event in Nairobi


Several Kenyan government and public service websites were hacked early this year, rendering services unavailable. According to the Communications Authority of Kenya, cyber-attacks in Kenya increased by 167% from October to December 2018. This, cybersecurity firm Serianu Ltd says, cost the Kenyan economy about 29.5B KSH [286M USD]. The firm also shared from its report that African businesses lost US$3.5bn in 2018 from cybercrime, with Kenya being one of the hardest-hit countries in the region per the report.

At a cybersecurity roundtable event, Microsoft shared emerging security trends highlighted in the Microsoft Security Intelligence Report, emphasizing its commitment to protect and provide a safer and more trusted platform to its customers in the region. The report shows Ethiopia, Cameroon, Tanzania and Zambia are the top countries most impacted by ransomware and cryptocurrency mining malware.

“Cybersecurity is a central challenge of our digital age,” says Microsoft East and Southern Africa Manager Sebuh Haileleul.

“At Microsoft, we are committed to educating, empowering and enabling individuals and organisations to digitally transform in a secure online environment.
As organisations continue to pursue a fully digitally transformed future, threats within the cyberspace will continue to become more advanced. This will leave individuals and organisations alike with no choice but to turn to the ever-improving capabilities that advanced technologies and solutions bring with them.”

Cybersecurity trends in Kenya

Speaking about the cybersecurity trends in Kenya, Sebuh shares that ransomware attacks had declined.

“We found that in the past year ransomware attacks as a vector declined. Software supply chains became a risk, cryptocurrency mining prevalent and that phishing still remains the preferred attack method. While this may indicate progress in blocking ransomware attacks against organisations, it also draws our attention to new avenues now being identified for attacks.”

Microsoft Business Group Director, Pratik Roy, chipped in that the global cost of online crime is expected to reach $6 trillion by 2021. He says organisations now, more than ever, need to continue building organizational resilience and meaningful risk reduction.

For the Microsoft Kenya country manager, Sebuh Haileleul, companies need to take immediate action to address security concerns. This, he says, improves their security postures.

“It is critical for companies to strengthen their core security hygiene (across things like monitoring, antivirus, patch and operating systems), adopt modern platforms and comprehensive identity, security and management solutions.”

Organizations can improve their security by moving to the cloud, adopting modern platforms and embracing comprehensive identity, security and management solutions. – Kellington Kituku, Enterprise Business

Using AI and Quantum Computing

The Microsoft manager shares on how emerging technologies like artificial intelligence and quantum computing help tackle cybersecurity.

“The use of AI to combat cybersecurity to fill crucial gaps by analyzing a vast ocean of threat data to prevent attacks before they occur is a factor that organisations, through partnering with the correct solutions provider, remains pivotal. Furthermore, the cloud is and still will be imperative to securing the modern workplace.
Lastly, quantum computing, although still in its infancy, will require threat analysts to keep an eye on what advances in quantum computing would mean for security in 2019 and beyond.”

Ethiopia, Cameroon, Tanzania, Zambia ranked among top five countries mostly impacted by ransomware and cryptocurrency mining


Microsoft has released its 2018 Security Intelligence Report (SIR), the 24th in its volume. Analysis of over 6.5 trillion daily threat signals highlights a 73 percent global decline in malware encounters. It however noticed a rise in crypto mining malware.

From the report, Ethiopia and Cameroon ranked among the top five countries most impacted by ransomware, with 0.72 and 0.36 percent ransomware encounter rates respectively, whilst Namibia (0.5%), South Africa (0.8%) and United Arab Emirates (0.5%) are the countries with the lowest ransomware encounter rates in MEA.

MEA Monthly Average Ransomware Encounter Rates

Microsoft says “low ransomware encounter rate countries are known to communicate with their citizens about basic security. Countries with lowest ransomware encounter rates also have mature cybersecurity infrastructures and well-established programmes for protecting critical infrastructure.”

“The five locations with the highest average monthly ransomware encounter rates in 2018 were Ethiopia (0.77 percent average monthly ransomware encounter rate), Mongolia (0.46), Cameroon (0.41), Myanmar (0.33), and Venezuela (0.31), each of which had an average monthly ransomware encounter rate of 0.31 percent or higher during the period.

The locations with the lowest ransomware encounter rates in 2018 were Ireland (0.01), Japan (0.01), the United States (0.02), United Kingdom (0.02), and Sweden (0.02 percent), each of which had an average monthly ransomware encounter rate of 0.02 percent or lower during the same period.”

The 24th edition of the Microsoft Security Intelligence Report showed cryptomining malware as another stealthy threat on the rise.

“The decline in ransomware encounters was due in part to improved detection and education that made it more difficult for attackers to profit from it. As a result, attackers began to shift their efforts away from ransomware to approaches such as cryptocurrency mining, which uses victims’ computing resources to make digital money for the attackers.

Mining for cryptocurrency is a lucrative pastime for hackers, but it consumes massive computing resources. To overcome this challenge, hackers infect unsuspecting users’ computers with malware so that they can use the collective processing power of all their victims’ machines to mine for coins.

And unlike ransomware, cryptocurrency mining does not require user input – it’s able to work in the background while the user is performing other tasks or is away from their computer. In other words, they won’t necessarily notice its presence at all unless their system’s performance is significantly compromised.”

The Microsoft SIR states that in the “Middle East and Africa, cryptocurrency mining is particularly prevalent. Ethiopia, Tanzania and Zambia account for three of the top five nations most impacted by cryptocurrency mining. With encounter rates well above the global average at 5.58, 1.83 and 1.13 % respectively.”

How can you keep yourself, your family and organization safe from these attacks? Read on how to stay security conscious online.

Ghana to sign Paris Call for Trust & Security in Cyberspace


Ghana to sign Paris Call for Trust & Security in Cyberspace Declaration towards achieving Microsoft’s Digital Peace Call

Ghana’s president Nana Addo Dankwa Akufo-Addo announced Ghana will sign the Paris Call for Trust & Security in Cyberspace declaration.

Ghana joins 56 other countries and 420 organizations and companies in developing common principles for securing cyberspace. The Ghanaian president said this during the Global Citizen Festival in South Africa to celebrate the centenary of Nelson Mandela, joining Microsoft and the Commonwealth on stage to talk about the path to digital peace.

Sharing on Microsoft’s call for Digital Peace, President Akufo-Addo stated that “57 governments endorsed a new international declaration, the Paris Call for Trust and Security in Cyberspace to work collectively towards a common goal of protecting cyberspace. The president announced Ghana’s support for the Paris Call and urged other nations to join.” 

We are in the right moment to take action to protect the digital world where we live, work and learn.

–  Microsoft

Microsoft’s Digital Peace Now campaign encourages world leaders to achieve digital peace. Microsoft also believes we are in the right moment to take action to protect the digital world where we live, work and learn. About 100,000 people across 140 countries have signed the Digital Peace Now petition according to Microsoft.


Microsoft worked closely with the French government.

WIRED shares that Microsoft worked closely with the French government to craft the Paris Call, and calls it “a sign of how tech corporations are playing a more active role in governing the internet”.

You can support Microsoft’s Digital Peace Now initiative by signing the petition.