
How to protect your data on AWS, Microsoft Azure, and Google Cloud Platform
Protecting your data is essential in today’s cloud technology landscape, where security has become critical due to numerous potential threats. Insecure default configurations, vulnerabilities in software dependencies, and administrative credential leaks are some of the common concerns. Misconfiguration of databases and S3 buckets has led to massive leaks of sensitive data. According to Ermetic, almost 100% of companies experienced a cloud data breach in the last 18 months.
Major cloud service providers (CSPs) such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) offer security features such as encryption, firewalls, and authentication. However, cloud security does not only depend on providers, as breaches often result from misconfigurations by users.
How to Protect Your Data on AWS?
In the case of AWS, many breaches involve misconfigured S3 buckets; these are not inherent bugs in AWS but user configuration errors. AWS offers a variety of security features, such as DDoS protection, secret management, and encryption. Its shared responsibility model means that users are responsible for security “in” the cloud, while AWS is responsible for security “of” the cloud.
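As an added example (not from the original article), the following sketch audits one bucket's settings for the kind of S3 misconfiguration described above. It assumes input shaped like the responses of the S3 GetPublicAccessBlock, GetBucketAcl, and GetBucketPolicy APIs; the sample data and the bucket name `example-bucket` are constructed, and the policy check is a simplification that only flags unconditioned wildcard grants.

```python
import json

PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")

def wildcard_principal(principal):
    """True for Principal "*" or {"AWS": "*"} / {"AWS": ["*", ...]}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False

def audit_bucket(pab, grants, policy_json):
    """Return a list of findings for one bucket's settings."""
    findings = [f"{flag} is not enabled" for flag in PAB_FLAGS if not pab.get(flag)]
    # Existing public ACL grants stay effective unless IgnorePublicAcls is on.
    if not pab.get("IgnorePublicAcls"):
        for g in grants:
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS:
                findings.append(f"public ACL grant: {g['Permission']}")
    # An existing public policy stays effective unless RestrictPublicBuckets is on.
    if policy_json and not pab.get("RestrictPublicBuckets"):
        stmts = json.loads(policy_json).get("Statement", [])
        for s in [stmts] if isinstance(stmts, dict) else stmts:
            # Simplification: only an unconditioned wildcard Allow counts as public.
            if (s.get("Effect") == "Allow" and "Condition" not in s
                    and wildcard_principal(s.get("Principal"))):
                findings.append(f"public policy statement: {s.get('Action')}")
    return findings

# Constructed sample data (not from any real account).
OPEN_PAB = {"BlockPublicAcls": True, "IgnorePublicAcls": False,
            "BlockPublicPolicy": True, "RestrictPublicBuckets": False}
LOCKED_PAB = dict.fromkeys(PAB_FLAGS, True)
GRANTS = [{"Permission": "READ", "Grantee": {
    "Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}}]
POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"}]})

if __name__ == "__main__":
    for line in audit_bucket(OPEN_PAB, GRANTS, POLICY):
        print(line)
```

With all four Public Access Block flags enabled, the same public ACL grant and policy produce no findings, because the block settings override them.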
How to Protect Your Data in Microsoft Azure?
Azure, on the other hand, has experienced leaks due to misconfigured storage buckets. Although it offers similar features to AWS, some analysts perceive it as lagging behind in security. Azure’s shared responsibility model varies depending on whether the customer operates SaaS, PaaS, or IaaS, but always places responsibility for information and data in the hands of customers.
How to Protect Your Data on Google Cloud Platform?
On GCP, cryptomining is a prominent concern, and while attacks do not typically involve the exfiltration of sensitive data, blind spots in storage log visibility have been pointed out. GCP provides security features such as DDoS protection, secrets management, and web application firewalls. Its shared responsibility model is more detailed and specifies security responsibilities by service.
In summary, cloud security is a shared responsibility between providers and users. Determining which cloud is the most secure is challenging, since it depends on the specific environment and implementation. AWS is perceived as the most mature, with secure default configurations and fewer reported vulnerabilities in recent years. However, the choice among CSPs should also be based on each user's particular needs and context.