Security and data protection are two of the most critical areas that businesses must focus on. Data breaches and data loss cost companies millions of dollars each year. According to a Data Breach Investigations Report conducted by Verizon Business, 74% of organizations experienced some kind of hacker attack in the past 12 months. With increases in enterprise cloud app usage, the potential for hacker attacks on company accounts is very real, and somewhat common.
Many small businesses or startups are resource-strapped, and can’t afford a full-time IT department and state-of-the-art security systems. But there are alternatives, especially for companies that use cloud computing. Cloud computing security has come a long way in recent years, and is now counted as equal to, or stronger than, on-premise security implementations. But even with the best security in the world, hackers have a wild card that they use frequently: social engineering. By using this method, hackers gain inside access to company accounts, bypassing all security measures in the process.
In this article, we will take a look at how to protect your company cloud apps and accounts, how to create an emergency response plan in the case of a hacker attack, and how to restore all company data in case a hacker attack is successful.
Social engineering and malware
We believe that cloud apps are practically 100% secure from a technical perspective, but your data is still vulnerable: the majority of hacker attacks come in the form of phishing scams / social engineering and malware.
There are numerous types of social engineering, but one of the most common involves an attacker making phone calls to a business employee while pretending to be someone from the company, typically tech support or upper management. The attacker then informs the employee that there is a problem and that he needs the employee’s information to help fix it. Another type of phishing attack involves an email from an attacker with a link to a fake web site, designed to look like an official web site, that asks for your credentials.
The other set of attacks is based on convincing users to download and install malware onto their computer or mobile device. For example, you might “jailbreak” your iPhone and then install malware. Some reports also state that 40% of apps on the Google Play Android store are infected with some kind of malware.
So even though cloud security is extremely high, you can see how easy it is to trick people into bypassing security.
It is not possible to completely protect against human error, because no matter how strong security measures are, as long as people are in charge of access to accounts, breaches due to human error will be prevalent. So how can you possibly prepare for this? How can you defend against such an attack?
Here are some thoughts on that topic…
STEP 1: Create An Emergency Response Team
In the event of a hacker attack, you should have a proper emergency response plan and an emergency response team in place. The emergency response team can be called upon to quickly act and assess the situation. If the attack is severe enough, the team can be employed 24/7, working in shifts if necessary. This team can be mostly comprised of IT personnel, but can also include outside professional security contractors depending on the attack’s severity.
If outside security contractors are needed, they can evaluate all potential risks including application, end-user, network, social engineering and physical threats.
You should also create a list of emergency contacts that can be reached immediately in the event of an attack. Here are some of the areas that should be included:
- IT personnel – IT operations, application development, legal, database administration, IT security, executive management and anyone else who needs to be contacted in case of an attack.
- DDoS protection services
- Internet Service and DNS providers
- If necessary, independent security consultants and professionals, Security Information and Event Management (SIEM), and Intrusion Prevention System (IPS) vendors. These professionals can quickly assess the situation and give you help when an attack is critical.
- Keep a list of network and server information with your contact list. This information should include web server IP addresses, DNS servers, databases, database firewalls, web application firewalls, network firewalls, switches and routers.
- If available, disaster IP addresses
- Network diagrams of all data centers. These should be updated and maintained so they are the most up-to-date copies available.
STEP 2: Plan how to lock down access to all clouds
In the event of a hacker attack, the company should enable a lockdown on all company cloud accounts until the threat has been dissipated.
If a hacker attack is detected and you use a single sign-on provider, you can lock down employee access to company cloud accounts with one click. But you also need to contact your cloud provider immediately to ensure no access can occur until security is under control.
No matter which method company management decides to take, an access lockdown plan should be added to the emergency response plan.
STEP 3: Create a solid backup system
Having data stolen is bad enough, and the disastrous consequences can cost companies thousands or millions of dollars, or cause them to go out of business altogether. This is especially true in cases of data loss. When data is deleted, corrupted or just vanishes, what can a company do? Hopefully your company is one of the few companies that actually have some type of backup system in place. But according to a recent study, approximately 1/3 of all companies do not have any backup or disaster recovery system in place. In cases of data loss, these companies are at an extreme risk of losing data that cannot be recovered. Contracts, client information, legal documents, financial statements and records, and much more: even if they can be replaced, it can take months or even years to recover all of the lost information.
Also, because access to your primary cloud is locked during a lockdown, you need another way to access your data as soon as possible.
However, there is one solution that provides both a backup and a fail-over copy of your business: cloudHQ.
cloudHQ offers both backup and fail-over: cloudHQ can continuously replicate data from your primary company accounts to backup (fail-over) cloud accounts. For example, when a file is added or modified, the file is instantly replicated to a backup account on a cloud provider that is completely separate from the primary company accounts. None of the users or authentication measures should be the same as the company accounts; it should be as distanced as possible from the company, with the only link between them being cloudHQ. This way, if the company accounts become compromised, there will always remain a secondary copy of all the data on the backup account, which will stay secure from hackers, natural disasters and other data loss threats.
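The separation requirement above can be checked mechanically. The following is an added example, not cloudHQ code or anything from the original article: it compares constructed account exports and reports every user or authentication measure the backup account shares with the primary one. The record layout, field names, and sample values are assumptions made for illustration.

```python
# Added example: field names and sample records are constructed.
def normalize(addr):
    """Lower-case an address; drop a +tag (assumes the provider treats it as an alias)."""
    local, _, domain = addr.strip().lower().partition("@")
    return local.split("+", 1)[0] + "@" + domain

def domain_of(addr):
    return normalize(addr).rpartition("@")[2]

def isolation_findings(primary, backup):
    """Return sorted (code, detail) pairs for every link between the accounts."""
    findings = []
    p_users = {normalize(u) for u in primary["users"]}
    for u in p_users & {normalize(u) for u in backup["users"]}:
        findings.append(("SHARED_USER", u))
    # Same identity provider: one stolen SSO session opens both accounts.
    sso = backup.get("sso_provider")
    if sso and sso == primary.get("sso_provider"):
        findings.append(("SHARED_SSO", sso))
    # Recovery address in the primary mail domain: whoever controls primary
    # mail can reset the backup account's password.
    p_domains = {domain_of(u) for u in p_users}
    for r in backup.get("recovery_emails", []):
        if domain_of(r) in p_domains:
            findings.append(("RECOVERY_IN_PRIMARY_DOMAIN", normalize(r)))
    # MFA devices enrolled on both sides are a shared authentication measure.
    for d in set(primary.get("mfa_devices", [])) & set(backup.get("mfa_devices", [])):
        findings.append(("SHARED_MFA_DEVICE", d))
    return sorted(findings)

# Constructed sample exports (not real accounts).
PRIMARY = {"users": ["alice@example.com", "bob@example.com"],
           "sso_provider": "idp.example.com",
           "mfa_devices": ["token-001", "token-002"]}
BACKUP_WEAK = {"users": ["Alice+backup@example.com", "vault-admin@backup.example.net"],
               "sso_provider": "idp.example.com",
               "recovery_emails": ["bob@example.com"],
               "mfa_devices": ["token-002", "token-900"]}
BACKUP_ISOLATED = {"users": ["vault-admin@backup.example.net"],
                   "sso_provider": None,
                   "recovery_emails": ["vault-recovery@backup.example.net"],
                   "mfa_devices": ["token-900"]}

if __name__ == "__main__":
    for name, acct in (("weak", BACKUP_WEAK), ("isolated", BACKUP_ISOLATED)):
        print(name, isolation_findings(PRIMARY, acct))
```

An empty result means the backup account has no identity or authentication link to the primary account among the fields checked.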
cloudHQ currently has customers ranging from individual users to small business owners to enterprises.