The growth in cloud computing has been massive and transformational. Most of the same security risks that apply to data and applications residing within a traditional data center also apply to virtualized assets in cloud infrastructures like AWS, Azure, and others. Virtual servers can be infected with malware or ransomware, credentials can be stolen, and cyber criminals can exfiltrate data. Web applications are one of the most significant sources of enterprise data breaches, and public-facing web applications are often hosted on cloud platforms. Because cloud platforms are designed for easy sharing, data runs the risk of becoming unintentionally shared or exposed. Misconfigured cloud-based data stores have resulted in many vulnerabilities and threats. Security is a shared responsibility between the IT security team and cloud provider. Key elements of a cloud security program should include:
Proficio’s managed detection and response services are equally effective in cloud or hybrid cloud environments. We collect log data and monitor security events in AWS, Azure and Google Cloud. Proficio provides extensive services to manage virtualized next-generation firewalls, Web Application Firewalls, and vulnerability scanning tools. We monitor Office 365 usage for activity levels for geographical location and anomalous behavior. Proficio integrates data from Cloud Access Security Broker (CASB) solutions to enable threat detection and protect against data leakage for a range of cloud applications.