The emergence of Cloud technology has given rise to an increased need for comprehensive security measures. With data no longer stored on central, in-house servers but rather in a connected Cloud network, it is crucial to understand what security measures to observe in order to protect valuable company and client information. Below you’ll find a list of the most relevant terms in the age of Cloud technology.
Definition: An application programming interface (API) is the set of tools and protocols for communication between softwares. An API makes it possible for customers to manage and interact securely with cloud services.
Security Relevance: With the rapid increase in cloud service usage, it is critical that APIs be designed to prevent accidental access and malicious attacks. The security of cloud services depends on the security of the communication happening through the API.
Definition: Advanced persistent threats (APTs) are a type of cyber attack that infects systems much like a parasite in order to gain control of the target’s IT infrastructure and steal data.
Security Relevance: The real danger of APTs is their stealthiness. They can infiltrate a system nearly undetected and then adapt to security measures and learn to defend themselves. Once they gain a foothold in a system, they resemble normal network traffic as they go about pilfering data.
Definition: Cloud computing refers to storage or computing services offered by remote online servers. The servers store a variety of data, but all user data is isolated.
Security Relevance: Cloud computing centers generally have advanced technical and physical security solutions in place to protect data. However, when storing data in the cloud, it is essential to know what measures are in place and whether they align with your corporate and federal regulations. It is also important to confirm that software patches are installed immediately, and if there are proper protocols for breaches of security.
Definition: A data breach is an attack on a company network that results in data theft. This frequently affects sensitive customer information.
Security Relevance: Stolen data can be held for ransom (in exchange for money), sold on the darknet, or used to fake identities and make purchases. Data breaches are particularly dangerous because stolen data from one network often gives thieves access to other networks if the victim reuses passwords.
Definition: Secure sockets layer (SSL) lets you create an encrypted connection between servers and clients. Data transmission is especially secure because data is transformed to mask its content during the transfer process.
Security Relevance: SSL is an particularly secure method for transmitting data because only those with the key can access it. This means that hackers who might intercept this data will still not be able to decrypt it.
Definition: Infrastructure-as-a-service refers to a computing infrastructure that is provided remotely and is accessible online.
Security Relevance: Infrastructure-as-a-service is based on cloud computing. Therefore, it is essential to keep in mind the cloud service provider’s security compliance and whether or not it is in line with corporate and federal regulations.
Definition: Platform-as-a-service refers to a remote infrastructure for developing and deploying new online software applications.
Security Relevance: Platform-as-a-service is based on cloud computing. Therefore, it is essential to keep in mind the cloud service provider’s security compliance and whether or not it is in line with corporate and federal regulations.
Definition: Software-as-a-service refers to the remote delivery of online software applications by a provider. This often takes places through a web interface.
Security Relevance: Software-as-a-service is based on cloud computing. Therefore, it is essential to keep in mind the cloud service provider’s security compliance and whether or not it is in line with corporate and federal regulations.
Definition: Two-factor authentication refers to the practice of retrieving proof of identity through two independent means. This might be any combination of password, code verification through a mobile device or e-mail, a Smartcard transaction, etc.
Security Relevance: Two-factor authentication makes it even more difficult to gain illicit access to private information as if often involves having direct access to a hard device (mobile phone, Smartcard).
Author: Peter Mountain, Chief Security Officer, Coresystems