The importance of cybersecurity cannot be overstated: the consequences of a cyberattack include data loss, costly downtime, interruptions in service, and the loss of customer trust. However, when it comes to implementing security best practices to mitigate the risk of a cyberattack, it can be difficult to know where to begin. We spoke to our cloud security expert, Austin Miller, about 4 ways to protect your IT systems.
Austin Miller is a Tier 3 IT and cloud management professional, with over 10 years' experience in IT support, network security and cloud hosting, and a Bachelor of Technology in Computer and Information Systems Security/Information Assurance.
Cloud configuration
Hackers have many ways of exploiting the vulnerabilities that exist when cloud infrastructure is incorrectly set up or maintained. Misconfiguration is often caused by cloud environments being set up by organisations’ in-house teams lacking the expertise and experience necessary to best protect their platform. When the infrastructure is also managed in-house, vulnerabilities may go unnoticed, leaving the door open for attacks.
When deploying cloud infrastructure, Austin advises: “Look out for unrestricted inbound and outbound ports, improper management of your authentication tokens and any unsecured backups.”
If you don’t have the expertise or capacity in your in-house IT team, Austin recommends: “Working with an expert managed service provider (MSP) who will manage the configuration of your solution is one way of ensuring you have no misconfigured elements which can lead to weaknesses.”
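An added example, not part of the original article or any tooling it describes: a short Python audit for two of the items quoted above, unrestricted inbound and outbound ports and unsecured backups. The rule and backup records use a made-up, provider-neutral schema with constructed sample data, and the PUBLIC_OK port set is an assumption to adjust per service.

```python
import ipaddress

# Constructed sample inventory in a hypothetical, provider-neutral schema.
RULES = [
    {"name": "web-https", "direction": "inbound", "cidr": "0.0.0.0/0", "ports": (443, 443)},
    {"name": "ssh-admin", "direction": "inbound", "cidr": "0.0.0.0/0", "ports": (22, 22)},
    {"name": "db-internal", "direction": "inbound", "cidr": "10.0.0.0/16", "ports": (5432, 5432)},
    {"name": "allow-all-out", "direction": "outbound", "cidr": "::/0", "ports": (0, 65535)},
]
BACKUPS = [
    {"name": "nightly-db", "public": False, "encrypted": True},
    {"name": "legacy-dump", "public": True, "encrypted": False},
]

# Ports treated as intentionally internet-facing (assumption; set per service).
PUBLIC_OK = {80, 443}


def is_any_address(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_rules(rules):
    """Return (name, direction) for rules open to any address on non-public ports."""
    findings = []
    for rule in rules:
        if not is_any_address(rule["cidr"]):
            continue  # scoped to a specific network, not unrestricted
        low, high = rule["ports"]
        if not all(port in PUBLIC_OK for port in range(low, high + 1)):
            findings.append((rule["name"], rule["direction"]))
    return findings


def audit_backups(backups):
    """Return (name, reasons) for backups that are publicly readable or unencrypted."""
    findings = []
    for backup in backups:
        reasons = []
        if backup["public"]:
            reasons.append("public")
        if not backup["encrypted"]:
            reasons.append("unencrypted")
        if reasons:
            findings.append((backup["name"], reasons))
    return findings


if __name__ == "__main__":
    print(audit_rules(RULES))
    print(audit_backups(BACKUPS))
```

In practice the records would come from an export of your provider's firewall and storage configuration, mapped into this shape.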
Check for vulnerable APIs
APIs (Application Programming Interfaces) are commonly used to access and extract information from cloud-based services. However, if these APIs are not configured properly, with sufficient authentication controls, they can be exploited and leak sensitive information to hackers.
There are 3 main ways APIs can be exploited:
- To deliver harmful files
- To be used as a tunnel into your network
- To directly collect data
Austin provides guidance on how to mitigate the risks of using APIs: “I’d recommend only using APIs that require authentication, including your APIs in your routine security scans, using a custom security gateway for your APIs and lastly, educating your employees who use APIs on the risks.”
Employee training
Attackers will always attempt to find the weakest points in your organisation’s security, and unfortunately, this can often be the staff using your systems. It is crucial that you train all staff on how to recognise and respond to the constant attacks that take place against a business.
A significant risk for organisations is employees falling victim to phishing email attempts. While people tend to think they wouldn’t fall for a phishing attack, the figures show that email was the most common vector for malware in 2023, with 35% of malware delivered via email (Verizon). You can have a solid security suite protecting your infrastructure, but if an employee falls for a phishing attempt, an attacker could gain access to your systems and data.
We asked Austin about protecting against phishing attempts: “Make sure your team is trained to spot phishing emails – there are tell-tale signs they should be looking for in all communications. I would recommend a mandatory online training course for all new employees, with regular refreshers for existing staff. Sending dummy phishing emails to your business and monitoring clicks can be a good way to keep these threats front of mind.”
Phishing is not the only potential attack employees should be aware of – Austin continues: “Teach your employees the importance of updating their operating system and applications regularly. Stress the importance of using two-factor authentication (2FA) for virtual private networks (VPNs) and make it mandatory; this will keep out most automated attacks.”
Monitoring and prevention
Cloud monitoring is a method of observing and managing the operational workflow in cloud-based IT infrastructure. Effective monitoring can identify any potential weaknesses, often allowing you to prevent an attack before it even happens. This can be taken a step further with traffic control tools which monitor, identify and block any suspicious traffic automatically.
Austin advises: “By using advanced monitoring tools to identify any attack, misuse or malfunction of the service, you or your cloud provider can take quick and decisive action to address any incident.”
There are many tools for monitoring your infrastructure and controlling traffic to prevent attacks; some commonly used tools are IDS and IPS (Intrusion Detection Systems and Intrusion Prevention Systems), EDR (Endpoint Detection and Response), and firewalls. Any of these tools can be managed in-house if you have the resources and expertise, or by a managed service provider.
The next steps
These best practices are a starting point for planning your strategy – for the optimum protection for your business, our experts can support you. We get to know your needs, and build a bespoke, multi-layered solution to give you full confidence that your sites, applications and data are secure. For an initial consultation, fill out our contact form and we will be in touch.