During the last decade, conversations about cloud migration and transformation, as well as cloud security, have been ubiquitous among business owners. With Gartner’s most recent forecast of an 18.4% increase in worldwide public spending on cloud services in 2021, totaling almost $305 billion, it is clear this trend is only heading upward. But what are the risks that come with this cloud transition?

Knowing the risks and mitigation strategies involved is essential. After all, it enables businesses to make informed decisions about their cloud journey. This article explores the risks that come with cloud migration. Whether your company is just starting its cloud journey or already operating within the cloud, IBM has road maps for both.

For Companies Starting Their Journey

Companies at the beginning of their cloud roadmap must consider the following challenges:

Providers’ Roles in Cloud Security

Moving data from on-premises to the cloud can be confusing and lead to misconfigured servers, opening the door to potential cyber threats. This was the case with the April 2019 Facebook Amazon Web Services server breach, resulting in over 540 million accounts being exposed. These instances are a stark reminder of how vulnerable data can be during cloud migration.

Solution: Leading cloud providers offer built-in security to the cloud environment. Since they own the cloud environment, it is both their duty and within their interests to ensure security of the cloud. However, the users of the service are responsible for the security in the cloud – therefore the responsibility is shared under the shared responsibility model.

Reskilling and Resourcing Teams

Vital changes in company strategy require a shift in its employees’ skill base. Cloud migration requires more management and training of employees using new cloud apps. In the interim, this may leave a company’s security posture at risk.

Solution: The journey to the cloud will require the inevitable upskilling of employees. Hiring a strong security team and more DevOps engineers will help bolster the transition. They can reconfigure the cloud environment and assure data security in the cloud long term, offsetting the short-term costs of retraining staff.

Creating a Clear Cloud Migration Strategy

Key decisions prior to moving to the cloud will lead to a smooth transition. Failure to do so could complicate the process and leave a company open to cyber threats. Choices include using one cloud provider or a mix, which can result in vendor lock-in or a costlier and more complex environment, respectively. Also, deciding which data will reside on-premises and which will reside in the cloud at an early stage will provide clarity from the offset. Ensuring governance and a target operating model are in place prior to migration will pay dividends down the line.

Solution: Planning and strategy. Begin by performing a cloud security assessment to create a stronger, more flexible roadmap for your cloud journey. Assessing which data will be moved to the cloud, and in what format, will result in a clear migration strategy destined to succeed. Furthermore, IBM’s use of open-source tools, such as the recent adoption of Kubernetes, allows cloud apps to work together seamlessly. This creates a cloud system that is both flexible and secure.

For Companies Already Running in the Cloud

Companies already residing in the cloud should be aware of the following safety concerns:

Lack of Insight and Control

What if you operate within another entity’s data center and share data ownership? You may run into trouble with a lack of visibility and control over your company’s own data. These ‘blurred lines’ can lead to confusion or doubt over who is supposed to take care of what. According to an IBM survey, 44% of respondents believed they could not rely on their cloud provider for even baseline security.

Solution: Implement security information and event management (SIEM) tools. Doing so will improve the visibility of your data by providing real-time updates of information security systems. Management of event logs will further streamline this outlook and provide the insight required to support a company’s cloud migration.

Cloud Security and Access

Application programming interfaces (APIs) provision, manage and implement assets across cloud applications. As these connect to the internet via the cloud, there’s more potential for attackers to infiltrate the environment. And if they do, all cloud assets are at risk. For example, according to IBM X-Force Incident Response and Intelligence Services (IRIS) in June 2020, 45% of cloud-related threats were via app exploitation. In this way, cyber criminals can amplify the impact of their access to the cloud, developing data theft into other areas such as cryptomining and ransomware.

Solution: Implement strong identity and access management protocols. Companies should deploy policies such as multi-factor authentication and minimum password standards to add safeguards against threats. Restricting access on a least-privileged basis limits the number of privileged accounts, which, in the hands of a malicious actor, could leave a company’s cloud infrastructure at risk.

Malware, Ransomware and Data Theft

Cyber criminals can infiltrate the cloud via phishing emails and poorly configured storage servers. Moreover, the constant movement of data to and from the cloud has increased the number of opportunities for cyber criminals to intercept data. Hence, there are more chances to attack not only the cloud but also client networks and linked devices.

Solution: Apply security measures. These include conducting training and awareness programs among employees, including phishing simulations. Implementing pre-emptive detection and response capabilities and data security solutions will actively seek out and eradicate threats before they develop into a serious issue.

Cloud Security Migration Tools for All

With most businesses only 20% of the way into their cloud adoption, the cloud migration journey continues to be relevant in client conversations across all industries. No matter what stage a business is in its cloud journey, IBM is on hand with specialist services tailored to your business need.

more from Application Security

Why Your Success Depends on Your IAM Capability

It’s truly universal: if you require your workforce, customers, patients, citizens, constituents, students, teachers… anyone, to register before digitally accessing information or buying goods or services, you are enabling that interaction with identity and access management (IAM). Many IAM vendors talk about how IAM solutions can be an enabler for productivity, about the return on investment (ROI) that can be…

Controlling the Source: Abusing Source Code Management Systems

For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within organizations and have been an afterthought in terms of defenses compared to other critical enterprise systems such as Active Directory.…