October 28, 2020
Cloud Security

Protect Your Data on the Way to the Cloud

Migrating to the cloud offers the promise of flexibility, better security, cost savings, increased collaboration and gaining a competitive edge, but it isn’t without its problems.

The allure of moving to the cloud is irrefutable. The cloud offers the promise of flexibility, better security, cost savings, increased collaboration and gaining a competitive edge. And with 83 percent of enterprise workloads expected to be cloud-based in 2020, digital transformation has emerged as a key driver to cloud migration.

Migrating to the cloud sounds like a dream come true, but it isn’t without its problems. While it’s easy to spin up an application as fast as you can snap your fingers, that rush to beat the competition can come back to bite you in the form of infrastructure and identity misconfigurations that can lead to a data breach that can cost you tens of millions of dollars. And as a large majority of the enterprise workforce is forced to work from home due to the COVID-19 pandemic, the growing use of online collaboration tools provides quick and easy access for your users. Still, the security risk is significantly higher because home computers and devices do not have all of the network security protections found in your enterprise network.

The importance of your data as you migrate to the cloud is paramount as you look at how you will cleanse, review and blend your data from different systems. But even more important is ensuring you build security into your migration strategy.

Data is Priority #1 – In Transit and At Rest

Without question, your organization’s data is your number one priority – whether it’s in transit or at rest. And when dealing with regulations like HIPAA, GDPR, CCPA, PCI-DSS and others that require appropriate safeguards for the protection of stored data as well as during transmission across networks, the consequences you can face for non-compliance can be significant. Just ask Equifax, who was fined almost $700 million after hackers stole credit files on over 147 million Americans and British and Canadian nationals in 2017. Once hackers penetrated Equifax’s network, they gained access to a database that contained unencrypted credentials for additional databases, giving them unlimited freedom to access critical customer information.

Another big issue that’s been grabbing headlines is misconfigurations. With the rush to virtualize workforces amid the COVID-19 pandemic, enterprises found themselves scrambling to ensure their employees could easily access what they need to get their jobs done from home. According to an April 2020 report from Trend Micro, 230 million cloud misconfigurations occur every day in several critical areas of cloud-based computing that can put login credentials and sensitive data at risk. Hackers can take advantage of these misconfigurations to prey on enterprise networks with ransomware and data exfiltration.

Along with the expansion of the remote workforce came the explosive use of online collaboration tools like Microsoft Office 365, Slack, Dropbox, Google Drive and others. This explosive growth has not gone unnoticed by hackers. Between June and August 2020, data gathered from over four million Microsoft Office 365 users found signs of suspicious lateral movement on 96% of the Office 365 customer accounts sampled. And many enterprises are still unclear on the shared security responsibility model and who “owns” security in the cloud. You maintain some security responsibilities as you move applications, data, containers, and workloads to the cloud, while the provider takes some responsibility, but not all.

MFA and IAM Solutions Are Not Enough

As you move to the cloud, your perimeter and the protections you have in place for it will be pushed to their limit, and you’ll find yourself relying more on solutions like multi-factor authentication (MFA) and identity and access management (IAM) solutions instead of your on-premise firewalls and VPNs. Many cloud platforms like Dropbox and Google Drive automatically decrypt your files once you log into your account. Unfortunately, all of these user-credentialed applications, group privileges, and third-party data entitlements all require login credentials, so if a hacker successfully enters one of your user’s login credentials, they will be able to access everything. It doesn’t help that hackers find ways to circumvent MFA solutions, including intercepting the one-time passcode or stealing the security token sent to the user to simplify future logins.

With the remote workforce’s explosive growth due to the global pandemic, IAM solutions have become more susceptible to failure. Along with Zoom fatigue, there’s also user password fatigue. Users are frustrated with many different password requirements and expiration cycles. And as they spend more time trying to remember passwords, they take the easy way out and put your organization at risk by using old passwords. And to make matters worse, you run into compliance issues if your IAM solution doesn’t give you the visibility into your cloud and tell you which users have access to your applications and data, where they are accessing it and what they are doing with it.

Migrate to the Cloud with Confidence Using Atakama

Now you can forge ahead with your cloud migration without disrupting the speed of your business or interrupting existing user workflows. Atakama encrypts your critical files automatically using AES with a 256-bit key. Each file has a unique key that is automatically fragmented into “key shards” and distributed to users’ physical devices. Files are not decrypted in bulk, which will help you comply with most regulations without impacting how your users interact with their files.

Atakama also integrates with all the major cloud content management and file-sharing providers, including Box, Dropbox, Google Drive, and Microsoft OneDrive. With Atakama, you don’t have to rely on your cloud provider’s authentication or security solutions. You can take full responsibility for your data’s security as your users will be the only ones able to decrypt and interact with your organization’s Atakama-encrypted files stored in the cloud. Your files will remain encrypted even if your cloud environment is breached. And now, you can secure email files to external third parties while maintaining end-to-end file encryption. Atakama’s Secure File Transfer generates a download link that is emailed to the recipient. The sender has complete control of the decryption event with the added benefit of verifying the recipient’s identity before the file is downloaded.

Request a demo to see how Atakama can help you distribute documents securely outside your organization and confidently migrate to the cloud while protecting your data.

Ready to try Atakama?

Request Demo