salman khan

What is Cloud Workload Security

What is Cloud Workload Security?

Cloud Workload Security refers to the practice of protecting resources, services and applications that run in the cloud. Virtual machines, databases and containers are considered cloud workloads.

Cloud Deployment Models

  1. Public Cloud - Public multi-tenant offerings such as AWS, Azure and GCP.
  2. Private Cloud - A cloud environment dedicated to a single business entity.
  3. Hybrid Cloud - A combination of on-premises, public and private cloud services.
  4. Multi Cloud - A combination of cloud services, which includes multiple types of services hosted on multiple public and private clouds.

Cloud Service Types

  1. Infrastructure as a Service
  2. Platform as a Service
  3. Software as a Service

Cloud Workloads are vulnerable to a variety of threats

Cloud resources and workloads are prone to a wide variety of cyber threats, including ransomware, malware, data breaches, phishing attacks and DDoS attacks. Attackers can exploit cloud security vulnerabilities using stolen credentials to mount attacks and disrupt services or steal confidential information.
Strong cloud security practices are fundamental to maintaining the availability of business applications and safeguarding confidential information.

Figure: Example of cloud vulnerabilities

Cloud Workload Security is a shared responsibility between cloud provider and customer

Cloud security practices are similar to an organization's typical IT and network security practices, but there is a catch. Unlike traditional IT, cloud security is governed by a shared responsibility model: the cloud service provider is responsible for the infrastructure, and the customer is responsible for managing security above the hypervisor. Please refer to the figure below.
Figure: Shared responsibility model

Best Security Practices for Cloud Customers

  1. Securing the management console - Cloud providers offer management consoles for administering accounts, configuring services, troubleshooting problems, monitoring and billing. These consoles are targets for attackers. Organizations can control access to the cloud management console to prevent attacks and data leaks.

  2. Securing infrastructure - Virtual machines, storage accounts, containers and other resources are common targets for cyber attacks. Customers must put strong security systems and practices in place to prevent unauthorized access to cloud resources.

  3. Securing admin accounts for SaaS applications - SaaS offerings include a management console for administering users and services. These consoles are commonly attacked by hackers. Privileged Identity Management (PIM) can ensure their security and reduce risk.

  4. Securing the DevOps console and CI/CD pipeline - DevOps teams rely on these tools. Perpetrators often exploit DevOps admin consoles to launch attacks or cause data leaks. Customers must track and monitor source code access based on policy.

  5. Securing cloud entitlements - Users or identities use cloud IAM permissions to access infrastructure and services in their organization's environment. In the hands of hackers, excessive permissions can put sensitive data at risk. PIM and IAM can be used to prevent unauthorized access.
