Cloud secure data lifecycle - "security follows the data"

Data is the most vital component of any system, including cloud environments. Understanding cloud data concepts is critical if you want to secure cloud-based systems.

The figure shows the cloud secure data lifecycle, and its steps are described in the following list.

• Create: The Create phase covers any circumstance where data is “new.” This new data can be freshly generated content, imported data that is new to the cloud environment, or data that has been modified/updated and has a new shape or state. The Create phase presents the greatest opportunity to classify data according to its sensitivity, ensuring that the right security controls are implemented from the beginning. Decisions made during this phase typically impact the data throughout the entire lifecycle.

Aside from data classification, it’s also important at this stage to consider tagging data with any important attributes, as well as assigning proper access restrictions to the data. Again, what you do during the Create phase usually travels with the data through each of the other phases. So, extra thought should be given to how the created data needs to be managed throughout its lifecycle.

• Store: The Store phase often happens in tandem with (or immediately after) the Create phase. During this phase, the created or modified data is saved to some digital repository within the application or system. Storage can be in the form of saved files on a filesystem, rows and columns saved to a database, or objects saved in a cloud storage system.

During the Store phase, the classification level assigned during creation is used to assign and implement appropriate security controls. Controls like encryption (at rest), Access Control Lists (ACLs), logging, and monitoring are important during this phase. In addition, this phase is when you should consider how to back up your data to maintain redundancy and availability appropriately. 

• Use: The Use phase includes any viewing, processing, or consumption of data that was previously in the Store phase. For this model, the Use phase is considered read-only and does not include any modification. (Modifications are covered in the Create phase.)

One important consideration during this phase is that data must be unencrypted while in use. For this reason, the Use phase presents some of the greatest threats to data, if not properly secured. File access monitors, logging and monitoring, and technologies like Information Rights Management (IRM) are important to detect and prevent unauthorised access during the Use phase.

• Share: During the Share phase, data is made available for use by others, such as employees, customers, and partners. As it’s shared, data often traverses a variety of public and private networks and locations and is subjected to various unique threats along the way. Proper encryption (in transit) is important during this phase, as well as IRM and Data Loss Prevention (DLP) technologies that help ensure sensitive data stays out of the wrong hands.

• Archive: The Archive phase involves data transitioning from active use to long-term “cold” storage. Archiving can entail moving data from a primary storage tier to a slower, less redundant tier that is less expensive or can include moving data off the cloud to a separate medium altogether (backup tape, for example).

Most data is eventually archived after it’s no longer needed regularly. Once archived, the data must be secured and also remain available for retrieval, when necessary. Legal and regulatory requirements must be carefully considered during the Archive phase, as these requirements may influence how long specific data is required to be stored.

• Destroy: The final phase of the data lifecycle is the Destroy phase. Destroying data involves completely removing it from the cloud using logical erasure or physical destruction (like disk pulverising or degaussing). In cloud environments, customers generally have to rely on logical destruction methods like crypto-shredding or data overwriting. Still, many CSPs have processes for physical destruction, per contractual agreements and regulatory requirements.

 #> echo "Thank you :)"

Identifying Information Security fundamentals

• Pillars of Information Security

Information security is the practice of protecting information by maintaining its confidentiality, integrity, and availability. These three principles form the pillars of information security, and they’re often referred to as the CIA triad

• Confidentiality

Confidentiality entails limiting access to data to authorized users and systems. In other words, confidentiality prevents the exposure of information to anyone who is not an intended party. 

The concept of confidentiality is closely related to the security best practice of least privilege, which asserts that access to systems or information should only be granted on a need-to-know basis.  To enforce the principle of least privilege and maintain confidentiality, you must classify (or categorize) data by its sensitivity level. 

• Integrity

Integrity involves maintaining the accuracy, validity, and completeness of information and systems. It ensures that data is not tampered with by anyone other than an authorized party for an authorized purpose. 

A checksum is a value derived from a piece of data that uniquely identifies that data and is used to detect changes that may have been introduced during storage or transmission. Checksums are generated based on cryptographic hashing algorithms and help you validate the integrity of data. 

• Availability

Availability is all about ensuring that authorized users can access required systems and data when and where they need it 

One of the most common attacks on availability is Distributed Denial of Service, or DDoS, which is a coordinated attack by multiple compromised machines disrupting a system’s availability. Another common and rapidly growing attack on availability is ransomware, which involves an attacker blocking a system or data owners from accessing their systems and data until a sum of money is paid. 

• Security controls

You know all about confidentiality, integrity, and availability — that’s great! Now, how do you enforce those concepts in your systems? Security control is the specific mechanism or measures implemented to safeguard systems or assets against potential threats and vulnerabilities — said another way, security controls protect the confidentiality, integrity, and availability of your systems and data. 

Security controls can be categorized in a couple of ways: by their type and by their function. 

Types of security control include: 

• Technical controls use technology (shocking, I know!) to protect information systems and data. Things like firewalls, data loss prevention (DLP) systems, and encryption fall under this category.
• Physical controls involve the use of physical measures to protect an organization’s assets. This can include things like doors, gates, surveillance cameras, and physical disposal of sensitive information (including things like shredding and degaussing).
• Administrative controls include the set of policies, procedures, guidelines, and practices that govern the protection of systems and data. This can be anything from incident response plans (see later in this chapter) to security awareness training.

Functions of security controls include:

• Preventative controls keep negative security events from happening. This includes things like security awareness training, locked doors, and encryption.
• Detective controls identify negative security events when they do happen. Examples of detective controls include log monitoring and video surveillance.
• Corrective controls fix or reduce damages associated with a negative security event and may include measures to prevent the same negative event from happening again. Backups and system recovery features are the most common examples of corrective controls.

• Threats, Vulnerabilities, and Risks

Threats, vulnerabilities, and risks are interrelated terms describing things that may compromise the pillars of information security for given system or an asset (the thing you’re protecting). 

 

• Threats

A threat is anything capable of intentionally or accidentally compromising an asset’s security. Some examples of common threats include: 

• Natural disasters: Earthquakes, hurricanes, floods, and fires can cause physical damage to critical infrastructure, leading to loss of connectivity, power outages, or even destruction of systems.
• Malware: Malicious software such as viruses, worms, and ransomware can infect systems, steal data, or disrupt normal business operations.
• Phishing attacks: Deceptive emails, messages, or websites designed to trick individuals into revealing sensitive information like passwords, credit card numbers, or personal data.
• Denial of service (DOS) attacks: Deliberate attempts to overload a network, server, or website with excessive traffic, making it unavailable to legitimate users.

• Vulnerabilities

A vulnerability is a weakness or gap existing within a system; it’s something that, if not taken care of, may be exploited to compromise an asset’s confidentiality, integrity, or availability. Examples of vulnerabilities include: 

• Unpatched software: Failure to install updates or patches for operating systems, applications, or firmware, leaving security vulnerabilities open to exploitation.
• Lack of environmental protection: Missing or faulty fire suppression systems or other physical protections, leaving infrastructure vulnerable to natural disasters and other environmental threats.
• Insecure passwords: The use of commonly used or otherwise insecure passwords, makes it easier for attackers to gain unauthorized access to accounts or systems.
• Untrained employees: Lack of security awareness training for employees and system users, leaving them susceptible to phishing attacks.

Threats are pretty harmless without an associated vulnerability, and vice versa. A good fire detection and suppression system gives your data centre a fighting chance, just like (you hope) thorough security awareness training for your organization’s employees will neutralize the threat of an employee clicking on a link in a phishing email. 

 

• Risks

Risk is used to define the potential for damage or loss of an asset. Risk = Threat x Vulnerability. This simple equation is the cornerstone of risk management. 

Some examples of risks include: 

» A fire wipes out your data centre, making service unavailable for five days.

» A hacker steals half of your customer’s credit card numbers, causing significant reputational damage to your company.

» An attacker gains root privilege through a phishing email and steals your agency’s Top Secret defence intelligence 

• Identity and Access Management (IAM)

IAM consists of four key elements: identification, authentication, authorization, and accountability. 

• Identification is the act of establishing who (or what) someone (or something) is. In computing, identification is the process by which you associate an entity (i.e., a system or user) with a unique identity or name, such as a username or email address.
• Authentication takes identification a step further and validates a user’s identity. During authentication, you answer the question “Are you who you say you are?” before authorizing access to a system.

Authenticators generally fit into one of three factors (or methods): 

• Something you know: Passwords and PINs (Personal Identification Numbers) fall into this category.
• Something you have: Security tokens and smart cards are examples of this factor.
• Something you are: Examples of this factor include fingerprints, iris scans, voice analysis, and other biometric methods
• Authorization is the process of granting access to a user based on their authenticated identity and the policies you’ve set for them.
• Accountability involves assigning and holding an entity responsible for its actions within an information system. Accountability requires establishing unique user identities, enforcing strong authentication, and maintaining thorough logs to track user actions

• Encryption and decryption

Encryption is the process of using an algorithm (or cipher) to convert plaintext (or the original information) into ciphertext. The ciphertext is unreadable unless it goes through the reverse process, known as decryption, which then allows an authorized party to convert the ciphertext back to its original form using the appropriate encryption key(s).  

Types of encryption

Encryption can either be symmetric-key or asymmetric-key. The two encryption types function very differently and are generally used for different applications. 

• Symmetric-key encryption (sometimes referred to as secret-key encryption) uses the same key (called a secret key) for both encryption and decryption (see Figure). Using a single key means the party encrypting the information must give that key to the recipient before they can decrypt the information. The secret key is typically sent to the intended recipient as a message separate from the ciphertext. Symmetric-key encryption is simple, fast, and relatively cheap.

A notable drawback of symmetric-key encryption is it requires a secure channel for the initial key exchange between the encrypting party and the recipient. If your secret key is compromised, the encrypted information is as good posted on a billboard.

                                

• Asymmetric-key encryption (more commonly known as public-key encryption) operates by using two keys — one public and one private. The public key, as you might guess, is made publicly available for anyone to encrypt messages. The private key remains a secret of the owner and is required to decrypt messages that come from anyone else (see Figure). Although public-key encryption is typically slower than its counterpart, it removes the need to secretly distribute keys and also has some very important uses                                

Common uses of encryption: Data Protection(in-Rest and in-transit), Authentication and Authorization, Network Security(TLS), Digital Signature, VPN, Crypto-Shredding, etc. 

• Importance of Business Continuity and Disaster Recovery

Business continuity (BC) refers to the policies, procedures, and tools you put in place to ensure critical business functions continue during and after a disaster or crisis. The goal of business continuity is to allow essential personnel the ability to access important systems and data until the crisis is resolved. 

DR is the part of BC focused on restoring full operation of and access to hardware, software, and data as quickly as possible after a disaster.  

Business continuity broadly focuses on the procedures and systems you have in place to keep a business up and running during and after a disaster. Disaster recovery more narrowly focuses on getting your systems and data back after a crisis hits. 

You need to be aware of a couple important related metrics: 

» Recovery Time Objective (RTO) is the amount of time within which business processes must be restored in order to avoid significant consequences associated with the disaster. In other words, RTO answers the question “How much time can pass before an outage or disruption has unacceptably affected my business?”

» Recovery Point Objective (RPO) is the maximum amount of data loss that’s tolerable to your organization. It answers the question “How much data can I lose before my business is unacceptably impacted by a disaster?” RPO plays an important role in determining frequency of backups.

 #> echo "Thank you :)"