We never used to read the privacy policies anywhere, but the rising spread of knowledge about threats and conning has forced us to be a bit more careful. Knowing what is important and what should be avoided on the internet is necessary.
Cloud services are an IT paradigm which changed our experience as users of the internet for the better. But before we indulge in this boon there are certain things we need to know of. In an attempt to spread necessary info, below is a list of cloud security terms you SHOULD know.
A botnet is a network of internet-connected devices, each of which is running on one or more bots. This code may instruct the infected devices to spread the malware, send spam, spread viruses, or it may instruct them to send repeated requests to a particular server, which results in a denial-of-service (DDoS) attack.
2. CASB (Cloud Application Security Broker)
CASB provides visibility into what cloud services are being used and supports organizations with compliance, threat protection, and security for cloud services.
3. SSL Decryption, Encryption, and Inspection
Secure Sockets Layer is a standard security technology for establishing an encrypted link between a server and a client—typically a web server and a browser. When data as plain text is shared between browsers and servers, it is vulnerable to attacks. SSL allows secure transmission of important or sensitive data.
All browsers have the capability to communicate with secured web servers using the SSL protocol. Sites secured by SSL start with https and not with http.
SSL traffic accounts for about 80 per cent of all internet traffic, making SSL decryption, encryption, and inspection a vital component of your security posture.
Malware, or malicious software, is any software or file that is specifically designed to compromise or damage a computer or server or network. It induces the infection only after it is implanted into the targeted computer. It includes many varieties of computer viruses, worms, Trojan horses, spyware, etc. in the forms of executable code, scripts, active content, and other software. Malware is coded to carry out various tasks, including stealing, encrypting, or deleting sensitive data; altering or hijacking core computing functions; and monitoring users’ computer activity without their permission.
5. Cloud Firewall
A cloud firewall is a cloud-based network security system that is based on given security rule, oversees and controls the moving of traffic on your network.
It is an application that you either licence from an online host or from your chosen firewall vendor. It provides network security from attacks to your server by other servers, insider or not.
Cloud firewalls have key advantages over hardware-based solutions. Hardware solutions are extremely limited, cloud firewalls can scan encrypted traffic as well. With the majority of internet traffic now encrypted, hardware solutions leave a lot of traffic uninspected when compared to cloud firewall.
6. NGFW (Next-Generation Firewall)
NGFW is a part of the third generation of firewall tech. It is a hardware or software based network security program that detects and blocks attacks by enforcing security policies at the application level and at the protocol or port level as well.
Ransomwares are cryptovirological malicious softwares that are commonly delivered via infected email and often target a specific user or users. They generally threaten to publicize users’ private data or block access to it until and unless a ransom is paid.
Attackers make sure that their email looks legitimate, and generally use an encrypted message to hide and deliver their malware payloads.
8. AWS (Amazon Web Services)
AWS is a part of Amazon.com, a cloud services suite that makes up the Amazon cloud computing platform, which many companies are using to connect to private applications and workloads on the cloud. Basically, they are providers of cloud computing platforms to individuals, companies and governments, on a paid subscription basis.
9. Cloud Computing
Cloud computing is an internet-based approach to storing, managing and analyzing data. It is basically a boon of the IT sector that aims to create omnipresent access to the shared area of configurable system resources and higher-level services that can be quickly enabled with least possible management effort, over the Internet.
Main lineaments of cloud computing include on-demand self-service, wider network access, resource sharing, and measured service. It allows the distribution of applications and business processes as services. As opposed to resources like software and storage hardware that is traditionally onsite, Cloud Computing services are online. The three prominent categories of cloud computing are:
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
10. DLP (Data Loss Prevention)
Data loss prevention (DLP) refers to software that identifies potential data breaches or illegal data transmissions and stops them by checking, recognizing and blocking sensitive data irrespective of it being in-use, in-motion or at-rest.
DLP are basically systems with which providers can abstain users from sending sensitive information to unauthorized or unsafe devices or recipients.
DLP tech works on policies set by the server or network administration. These policies might be made on algorithms designed to detect specific types of data in the user traffic. Can also be decided by user or group, URL type, location, etc.