It has long been said that the cloud is not secure and that security threats pose major issues for businesses. This is especially true for businesses that fall under specific regulatory or industry-specific compliance and certification standards. We’re talking about industries and verticals like healthcare, financial, retail, government and consumer-based businesses with personally identifiable information (PII).
There isn’t a week that goes by that you do not hear of a major hack or data breach. We also know the big ones – T-Mobile, Quest Diagnostics, and FEMA. These are just a few of the large-scale data breaches and hacks that occurred in the last year. Nearly nine million consumer records were exposed in 2019.
Are hackers becoming more sophisticated or are businesses not doing enough to protect the data they’re entrusted with? It’s a good question. In this article, we will examine how businesses can protect themselves from a very embarrassing and potentially harmful attack. We will also look at the cloud specifically and debunk the common myth that cloud is more susceptible than physical infrastructure such as servers and other hardware sitting in a colocation data center facility.
How Do Hacks and Data Breaches Occur?
Before we get started, what is a data breach? A data breach is when a cybercriminal successfully infiltrates an internal system that contains sensitive information. Data breaches can be done physically by accessing local files. They can also be done by bypassing network security remotely. The latter method is the one most commonly used to target businesses. These attacks are often well orchestrated. Here’s how it typically works.
During their initial research, cybercriminals identify target businesses or companies that they believe to contain worthwhile consumer data or other internal data worth hacking. They begin to look at individual businesses and test for weaknesses in their business security, which includes their people, systems or network.
Once a vulnerability is detected, cybercriminals make their initial contact via a network or social attack. Network attacks occur when cybercriminals use infrastructure, systems, and application weaknesses to exploit the business’s network.
A social attack, also known as social engineering, occurs when cybercriminals trick or bait internal employees and/or contractors into giving them access to the business’s network or internal systems. Employees and contractors can be easily duped into giving up their login credentials or tricked into opening a malicious attachment.
If successful and undetected, cybercriminals are able to access a computer and then access the internal network, systems or applications where confidential information or data exists. At this point, they’re able to extract the data and the hack and data breach is successful.
Where Do Most Hacking Attempts Occur?
As we discussed previously, there are two primary methods that cybercriminals use to access business data. They are network attacks and social attacks. When you examine both methods, physical servers and cloud servers are both susceptible due to the human factor and mismanaged security policies.
Physical Servers and Network Devices in Colocation
Physical servers that are hosted on-premise or in a colocation facility are typically maintained and managed internally by an IT department. Employees or contractors that are responsible for managing the physical servers and networking gear such as routers and switches may be limited. For many businesses, cybersecurity budgets and headcount go largely unnoticed until it’s too late. Misconfigured firewalls, routers and switches can lead to security gaps and unmitigated risks. This, of course, leads to the successful hacking of servers, databases and internal data.
Cloud Infrastructure in Private Data Centers
When it comes to the security of the cloud, one could argue that the cloud is actually more secure than physical servers or colocation. IT leaders have long worried about the security posture of the cloud and whether or not it can equal physical environments. This is largely a misconception as it relates to the cloud.
Infrastructure as a service (IaaS), including cloud servers and storage, has significant protections in place guarding against hackers and potential data breaches. Cloud providers like Amazon AWS, Microsoft Azure and Google Cloud have invested huge sums of money in building out “security of the cloud.” These providers are hyper-focused on ensuring that their cloud services at the infrastructure level do not get hacked.
However, it doesn’t stop there. Cloud providers like AWS have a shared responsibility model for cloud security. Essentially, this means that AWS is responsible for security of the cloud and its customers are responsible for security in the cloud. Cloud providers have taken it a step further by developing tools and automation to alert businesses when their servers, storage, network, and applications are susceptible to security threats. They also provide easy access to templates, tools and educational resources for establishing security policies for users, groups, and roles.
A drawback of hosting your data and infrastructure in the cloud is the human element. The very nature of the cloud lends itself to providing access to more employees or contractors. Physical servers, network and other infrastructure hosted on-premise or in a colocation facility are typically accessible to far fewer employees or contractors.
Cybersecurity is More Than an Infrastructure Decision
In closing, hacking and data breaches will always be a major threat regardless of the environment, physical or virtual, as long as hackers are being challenged or profiting from data they extract.
Physical servers that contain your internal data have the same vulnerabilities as virtual servers in the cloud. It really comes down to ensuring that you have the right safeguards in place, such as training your employees, limiting access, and configuring your firewall and network security policies.
There are great cybersecurity companies, hardware vendors and MSPs out there that offer great solutions for securing your infrastructure. I can help you select the right solutions for your on-premise, colocation, cloud or hybrid IT environment. Contact me by emailing or by calling 303-406-2112 to learn more about how I can help your company evaluate its cybersecurity strategy and posture to combat the ever-increasing risks from hackers and data theft.