In today's digitally connected business world, cloud technology is increasingly becoming the norm. Companies of all sizes are capitalising on the benefits of the cloud, from increased flexibility and scalability to cost-efficient storage and processing solutions. However, with the growing reliance on cloud services, the complexity of the IT security landscape is also increasing. The challenge of protecting sensitive data is becoming ever greater and requires constant adaptation to new threats and technologies. Philipp Kalweit, professional hacker and founder of Kalweit ITS GmbH, explains what security risks cloud systems are exposed to, what protective measures companies should take and who cloud systems are right for.
For which companies does a cloud system make sense?
Choosing the right cloud system is a strategic decision that depends heavily on the size and needs of a company. While large corporations often favour a "cloud-first" strategy, medium-sized companies need to weigh things up more carefully. Kalweit points out the importance of carefully considering the trust and risk involved in migrating to the cloud. "It's easy for different roles to be given too many authorisations. And these are potential attack surfaces," he warns. For small and medium-sized companies, he therefore recommends carefully examining whether a full or partial migration to the cloud makes sense, taking into account both short and long-term IT strategies.
The future of cloud security
Kalweit sees the further development of cloud security in the increasing spread of hybrid cloud models, which are a mixture of public and private cloud solutions. In his opinion, this development is primarily driven by the need to better protect sensitive business processes while also benefiting from the flexibility of the cloud. "We often have service providers who are currently still in the public cloud and are considering using the private cloud," explains Kalweit. He assumes that there will be an increased trend towards these hybrid models over the next few years, while at the same time the internal expertise in the companies must be strengthened.
Cloud security risks
The use of cloud services is inevitably associated with various security risks. Philipp Kalweit emphasises that public cloud environments in particular are an attractive target for attackers, as their size and reach make them highly vulnerable. "Attackers have an increased target, a high attractiveness to attack in such cloud infrastructures," he warns. In addition, the complexity and diversity of new cloud technologies increases the risk of security vulnerabilities, especially if companies do not have sufficient experience and knowledge in dealing with these technologies.
Another significant risk in the cloud relates to configuration errors, which are often caused by insufficiently trained personnel or inadequate authorisation concepts. Kalweit points out that assigning too many authorisations is a common problem: "This means that different roles are given too many authorisations." This can encourage internal and external threats, as it makes it easier for attackers to penetrate systems or retrieve data without authorisation.
Protective measures for cloud systems
To minimise these risks, Kalweit recommends a series of security measures for cloud services. The most important pillars are micro-segmentation, the use of web application firewalls (WAFs) and strict, defined security guidelines, including with regard to authorisation and access controls. The micro-segmentation approach is used to divide cloud networks into smaller, isolated segments. This minimises the risk of a successful attack on one area of the network spreading to other areas. WAFs, on the other hand, provide protection for web-based applications by monitoring and filtering incoming traffic to prevent attacks due to security vulnerabilities, and by implementing these measures, companies can significantly improve the security level of their cloud services and protect themselves more effectively against potential threats. Kalweit emphasises that security in the cloud is a continuous process that requires regular reviews and adjustments to keep pace with the ever-changing threat landscape.
Penetration tests: a must for the security of cloud systems
Penetration tests are a key element in ensuring the security of cloud systems. Kalweit emphasises the importance of these tests, which should be specifically tailored to the individual needs of a company. "The benefits and quality of a penetration test essentially depend on how customised the service provider is to the IT infrastructure," explains Kalweit. He recommends carrying out penetration tests at least once a year to ensure the integrity of the cloud infrastructure. The need for manual tests carried out by experienced experts to enable an in-depth and individual analysis of the security situation should be emphasised in particular.
Kalweit's advice for companies: Education and proactivity
Kalweit advises companies to invest in education and proactive security measures. He recommends using online platforms such as Udemy for cloud security training. "Some of them are agonising, but also really very good," he notes. In addition, regular audits and the implementation of micro-segmentation are essential components of a robust cloud security strategy. For larger companies, he suggests setting up centres of excellence for cloud security to strengthen internal expertise and increase security.