Question

Describe the major Information Security risks that you see associated with the move to this Microservices strategy for Web Services. You should name and describe each risk, estimate its likelihood and consequence, and then describe a possible control for the risk, presenting your answer in tabular form.

Solutions

Expert Solution

Based on the above Question

1. Lack of Encryption:-
Network transmissions are vulnerable to eavesdropping and Man-in-the-Middle (MitM) attacks that circumvent mutual authentication by impersonating endpoints. Mobility enterprise managers must encrypt communications and data to prevent security incursions.

Fix:

  • Shield transmissions from random attacks with cryptographic protocols that include endpoint authentication.
  • Employ a reliable VPN.
  • Use a reliable proxy server.
  • Encrypt all transmissions using SSL/TLS to manage server authentication and prevent interception of data off the wire.
  • Use Secure Shell (SSH) network tunnel protocols to send unencrypted traffic over a network.

2. Inadequate Security Risk Assessment

Failing to perform detailed risk profiles of an IT infrastructure and systems prevents network administrators from determining how and where an intrusion has occurred or when it happened. It makes future breaches virtually impossible to prevent.

Fix:

  • Rigorous risk prevention and assessment must be in place - at all times.
  • IDS/IPS systems should always scan for any malicious traffic.
  • Log monitoring must be activated and software updates current.
  • A holistic approach is the best way to handle network organization security using a reliable SIEM system. This way all enterprise security data can be viewed and easily trended.

3. Poor Compliance:- Hybrid clouds require more due diligence when it comes to compliance. Both the public cloud provider and your private cloud must stay within compliance parameters. Maintaining and demonstrating compliance is more difficult with the hybrid model because data moves back and forth.

Fix:

  • The two clouds must be coordinated. You not only have to ensure that your public cloud provider and private cloud are in compliance, but demonstrate the compliance of the two clouds as they work together.
  • The two clouds must meet industry standards for data security when handling sensitive data.

4. Weak Security Management:- Too many enterprise managers run amuck when they fail to employ authentication, identity management, and authorization procedures for both their private and public cloud. Cloud security protocols must be integrated.

Fix:

  • Replicate controls for both clouds.
  • Synchronize security data or use an identity management service that works with systems you run in either cloud.
  • Maintain in-house data storage for sensitive data not appropriate for the public cloud.

5. Poor Data Redundancy:- A lack of redundancy puts a hybrid IT cloud and your enterprise at risk. This is especially true if you don’t have redundant copies of data properly distributed across all data centers. Distributing data this way mitigates the damage that occurs when there is an outage in one data center.

Fix:

Implement redundancy. This can be accomplished three ways:

  • By utilizing multiple data centers from one cloud provider
  • From many public cloud providers
  • From a hybrid cloud

6. Unprotected APIs:- When unprotected, API endpoints expose sensitive data to malicious attacks that exploit an authentication/authorization token or key to manipulate personal information and data. This vulnerability is of particular concern in enterprise mobility management and BYOD transmissions over unsecure connections.

Fix:

  • API keys must be handled in the same manner as encryption and code-signing keys.
  • Third-party developers must be sure to handle keys securely.
  • Always verify a third-party before releasing API keys to avoid a security breach.

8. Denial-of-Service (DoS) Attacks:- Attackers render a cloud or mobile enterprise inaccessible by issuing a DoS attack. Network service is disrupted in the virtual environment through an inherent weakness in shared resources such as CPU, RAM, and disk space or network bandwidth.

Fix:

Denial of Service attacks on cloud management APIs are often caused by sending bad SOAP or REST requests from the enterprise.

  • Flow analytics can fend off DoS attacks by reacting to the incursion and redirecting traffic to a mitigation device.
  • Keep in mind, the flow analytics tool must be scalable for the amount of traffic it gathers and analyzes. Because it is a slower method, it is not as effective in combating volumetric (DDoS) attacks.



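One way a service could apply the "handle API keys like encryption keys" control from risk 6, shown as an added example that is not part of the original answer. The `ApiKeyStore` class, the `key_id.secret` key format and the in-memory pepper are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

# Constructed server-side secret ("pepper"); in practice it would come from a
# secrets manager or HSM, like any other key material.
PEPPER = secrets.token_bytes(32)


def _digest(api_key: str) -> str:
    """Keyed digest so a leaked key table cannot be replayed as credentials."""
    return hmac.new(PEPPER, api_key.encode(), hashlib.sha256).hexdigest()


class ApiKeyStore:
    """Hypothetical store: keeps digests, owners and expiry, never raw keys."""

    def __init__(self):
        self._records = {}  # key_id -> (digest, owner, expires_at)

    def issue(self, owner: str, ttl_seconds: int, now: float = None) -> str:
        now = time.time() if now is None else now
        key_id = secrets.token_hex(4)
        secret = secrets.token_urlsafe(32)
        api_key = f"{key_id}.{secret}"
        self._records[key_id] = (_digest(api_key), owner, now + ttl_seconds)
        return api_key  # handed to the caller once, never stored

    def revoke(self, api_key: str) -> None:
        self._records.pop(api_key.split(".", 1)[0], None)

    def verify(self, api_key: str, now: float = None):
        """Return the owner for a valid, unexpired key, else None."""
        now = time.time() if now is None else now
        key_id = api_key.split(".", 1)[0]
        record = self._records.get(key_id)
        if record is None:
            return None
        digest, owner, expires_at = record
        # Constant-time comparison avoids leaking digest prefixes via timing.
        if not hmac.compare_digest(digest, _digest(api_key)):
            return None
        return owner if now < expires_at else None
```

Short lifetimes and explicit revocation limit how long a key leaked by a third party stays usable.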
