Cloud Security: The increasing adoption of the cloud in Brazil is a reality for many companies and solutions that we use on a daily basis. Along with this growth, we see the increase in cases of security incidents and the importance of properly protecting this environment.
Initially, it is important to clarify what the cloud is: it is a concept that allows us to access a remote network and use on demand a set of shared computing resources present in this infrastructure, such as networks, servers, storage, applications and services.
These resources can be quickly provisioned and released for use with minimal management and interaction on the part of the service provider, no longer requiring the physical acquisition process of these components, eliminating the need to use their own space in data centers, reducing consumption of electricity, among others.
The data, instead of being kept on an owner’s hard drive or any other local storage device, is kept in a remote database of these service providers, and applications are accessed directly over the internet.
Looking at this concept and making an analogy with the security that is applied when we have all the infrastructure in our own environment, we have to have, at least, an equal level of protection in the cloud environment.
At this point, it is essential to understand that clouds adopt, in terms of security, a model of shared responsibility and which security tasks are managed by the cloud provider and by those who hire the service.
In this way, the security of the resources itself is guaranteed by the providers, but the entire topology, such as access control, system updates, server and application protection must be done separately, and it is precisely at this point that we have major flaws that can enable hackers to exploit attacks.