Five Hybrid Cloud Security Challenges and their Solutions

   The overwhelming majority of computer networks today are hybrid cloud configurations.

     According to a recent survey, 74% of businesses describe their environment as hybrid/multi-cloud, and that number is only expected to rise in the years to come.

     But alongside the rise of hybrid cloud architecture, we’ve witnessed a parallel increase in cyberattacks. Over the past two years, in fact, security breaches have risen by 11% and by 67% since 2014. In 2019, more than 7,000 breaches resulted in the exposure of over 15 billion user records. Today, hackers attempt such break-ins an average of 2,244 times per day—that’s an attack every 39 seconds.

     Businesses need proven security solutions for hybrid cloud environments. Yet specific challenges persist in the areas of inbound firewall port access, code injection attacks, remote workers and VPNs, user management, and Remote Desktop Protocol attacks. This article discusses five hybrid cloud security challenges and their solutions.

1. Inbound Firewall Port Access. When an enterprise application allows inbound connections, this exposes IP addresses, ports, and identities and leaves them vulnerable to a distributed denial-of-service (DDoS) attacks and other breaches. This is a particularly challenging issue since many presume that normal inbound connections are necessary in order to run applications that use the Internet. However, with recent innovations in cloud hybrid security that restrict all traffic to outbound-only communication, this is no longer the case.
2. IP-based attacks and Code Injection. One of the primary security challenges for cloud hybrid configurations is vulnerability to IP-based attacks and malicious code injection. Many common applications run on today’s typical hybrid cloud networks leave entire systems open for such attacks. How to protect your system? We’ve found that only a solution that prevents all inbound traffic and isolates on-premises data from the Internet can remain fully effective in today’s hybrid cloud environments.
3. Remote Workers. Telecommuting and remote working are on the rise, especially in the current post-COVID-19 era. Until recently, Virtual Private Networks (VPNs) were the de facto solution for remote access to enterprise applications. Another option is a reverse VPN, a virtual private network launched from within the protected network for an external user. But both options are vulnerable to attacks. VPNs allow IP traffic between connected nodes, and when any nodes are compromised, the network is exposed. The solution for hybrid cloud remote work is an ultra-secure passive data-only transmission channel.
4. User Management. Ever notice how we always seem to be logging into one system after another? Using hybrid cloud networks means that many employees spend valuable time entering an increasing number of usernames and passwords. This leads to decreases in efficiency and productivity. User management is key to keeping your business and its data secure. That is why we’ve found that perimeter-bound, time-based user management systems that run behind normal log-in screens are the most effective and efficient option for hybrid cloud systems.
5. Remote Desktop Protocol (RDP) Attacks. Since the start of the COVID-19 pandemic, businesses experienced a surge in attacks against the more than 1.5 million new Internet-exposed RDP servers. RDP was originally designed to allow support teams to remotely fix all kinds of issues—particularly useful given the fact that many IT workers now also work from home. But RDP can also be a major vulnerability when connected to the Internet. In our view, a hybrid cloud RDP solution requires Time-based One-time IDs (OTIDs) instead of static administrative accounts.