-
Type Service Responsibility Customer Responsibility Infrastructure-as-a-Service (IaaS)
manages networking, hardware and virtualization manages the software and data
Platform-as-a-Service (PaaS)
manages networking, hardware, virtualization and operating systems manages the data and applications
Software-as-a-Service (SaaS)
manages it all on the customer’s behalf N/A
“We’ve got secure cloud hosting and a cyber security service—our bases are covered.” Maybe not. Cloud assets were involved in about 24% of breaches last year, according to Verizon's 2020 Data Breach Investigations Report (DBIR). That percentage may grow this year as more businesses are relying on cloud services—a May 2020 survey from Flexera indicated that a majority of enterprises (59%) expect cloud usage to exceed prior plans due to COVID-19.
When and if a breach happens, a successful cyber security response may depend on a digital forensics team’s access to data at the cloud hosting services. However, with your data in the cloud, do you know where to get it? Do you know that your security team can get the data as fast as needed?
There are three key considerations you need to understand regarding secure cloud hosting and cloud computing security:
What type of cloud hosting service do you have?
By reviewing your cloud hosting service contract, you can understand who is responsible for what in terms of cyber security, thereby helping you ensure you have the secure cloud hosting services you need. For example:
Cloud computing security: Can you quickly find and access your stored data?
Know where your data is stored to avoid delaying your data breach response.
- Do regular data and asset management to streamline access to the right information during a data breach. You’ll need to know where your systems, memory, logs and data are stored in the cloud.
- Know where the cloud hosting facility is that houses your data.
- Find out if the facility will allow physical access, or only remote access, to systems during a data breach. A digital forensics team might need a live image of a physical system, so you should work out the details ahead of time. Mid-incident is a bad time to work through authorizations.
- If physical access is possible, can an image of the relevant data be exported to storage at the facility? If digital forensics requires imaging a large system, finding a place for that data can be a challenge. Work with your cloud hosting facility to understand how storing it will happen.
- If remote imaging is the only option, data outputs may still be needed from local storage. Work with the facility to understand the access for forensic imaging.
Have you tested the process?
Test the access to your data with your cloud storage service provider. Solid agreements on paper can fall apart in a real life data breach and hamper digital forensic work.
- Make sure the hosting facility you have selected to help you with cloud computing security knows that you’ll be requesting their cooperation should a data breach affect your data at their location.
- Ask the cloud hosting services provider to share their incident response plan and any FAQs on how they respond to incidents and how they cooperate with their customer during data breach.
- Dry-run the cloud hosting facility's ticketing system to understand the cloud computing security measures in place. These may not be designed to expedite the forensic imaging process of systems.
- Test your digital forensics imaging processes (discussed above) with the cloud-hosting facility.
Proper preparations to help ensure you have the level of cloud computing security you need is an important step in protecting your data. Understanding the cyber security services that can help you keep your data secure is also part of that process.