Over the last decade, and especially during the pandemic, companies around the country have been moving their data and processes to the cloud. Working in the cloud provides important protection from business disruption should employees not have the ability to work from a central office.
Cloud solutions like VoIP phone systems and platforms like Microsoft 365 and QuickBooks online have also reduced the cost to do business and improved productivity by providing anywhere, anytime access to resources.
But with the rise of cloud computing has also come a new type of attack called “cloud jacking.” Cloud jacking is the takeover of a cloud account by an attacker for nefarious reasons.
When cloud accounts are hijacked, an attacker can do things like:
- Send phishing and spam from your company email domain
- Infect your files with ransomware or other malware
- Forward user emails to another address
- Change account security settings
- Add and remove users
- Access and steal sensitive information
How bad has cloud jacking become?
- Attacks on cloud accounts increased 630% in 2020.
- Theft of user passwords has become the #1 tactic used in phishing emails.
- The HIPAA Journal reports that between mid-2019 and mid-2020, approximately 70% of companies have experienced a public cloud data breach.
How Does Cloud Jacking Happen?
A majority of cloud jacking incidents happen through a compromised user credential. The attacker uses a legitimate user password to log into a system, which allows them to bypass security designed to keep intruders out.
SaaS providers like Microsoft and Google have strict security on their cloud servers, but with a legitimate user credential, a hacker can get right in. So, the lack of password and access security is a big reason that businesses of all types are becoming a victim of cloud jacking.
Important Ways You Can Prevent Cloud Jacking of Your Accounts
Enable Multi-Factor Authentication (MFA)
When MFA is enabled, the user receives a time-sensitive code on their device (usually a smartphone) at the time of login. They have about 5-10 minutes to input that code to complete login and gain access to their account.
That one additional step is all it takes to keep between 76%-100% of attackers out that have a compromised user password, depending upon the type of MFA used.
This is one of the most effective methods of protecting your cloud accounts from being breached.
Use an Access Monitoring Application
Most companies have employees logging into business cloud accounts from various desktop and mobile devices. This has rendered many IP-specific access restrictions useless because the IP address that users log in from can change several times in a day.
It’s important to use a method of access monitoring through a tool like Microsoft Cloud App Security or similar. This type of application will allow you to designate devices that are approved to access your cloud accounts and keep out those that aren’t.
It also includes cloud access monitoring by device/user, application of standard security policies across different SaaS tools, and can help you evaluate the security risk of a new cloud application.
Continue Training Users on Phishing & Data Security
Training users on I.T. security can reduce your risk of a breach by as much as 70%. It’s important to conduct ongoing cybersecurity awareness training to keep security at the forefront of users’ minds as they go about their tasks during a busy day.
Training topics that will help improve cloud security are:
- How to spot a phishing email
- How to avoid spoofed sign-in pages designed to steal passwords
- What to do if phishing is suspected
- How to properly store and protect passwords
- What does social phishing look like?
- Common phishing scams designed to steal login credentials
Have Your Cloud Security Professionally Customized
Misconfiguration of cloud security settings is the top cause of cloud jacking. Companies are juggling multiple cloud accounts these days, and they all have different configurations that users can set to protect their accounts.
It’s not safe to just leave your cloud security settings at the default. Contact a professional, like Texas I.T. Pros, to configure your cloud settings for the best protection and efficiency.
Use the Rule of Least Privilege
Small businesses often set up all new users as Admins “just to make things easier.” But giving users higher-level privileges than they need puts your cloud account at a larger risk of being breached.
Use the Rule of Least Privilege to mitigate your risk. This rule states that each user should be given the lowest-level privileges needed for them to do their daily tasks.
Get Help Securing Your Cloud Accounts from a Cloud Jacking
Texas I.T. Pros can help your Denton or Wise County business protect your cloud accounts through smart security strategies and ongoing monitoring.
Contact us today to learn more! Call 940-239-6500 or reach out online.