Understanding and implementing the 14 Cloud Security Principles – Part 3: separation between users
The National Cyber Security Centre (NCSC) has put together detailed Cloud security guidance in relation to the 14 Cloud Security Principles.
The 14 Cloud Security Principles make up a framework that highlights essential considerations relating to key cloud security topics such as supply chain security, protection of data in transit and identity & authentication.
Understanding all of the different principles when it comes to implementing a robust Cloud and data security policy is imperative for any business, irrespective of size or sector.
This week we discuss Principle 3: separation between users
What is separation between users?
With thousands of different people using a Cloud service at any given time, it is vital that there is ‘separation between users. Any compromised or malicious user of the service, such as a disgruntled ex-employee, should in no way be able to affect the service or the data of any other users of the service.
There are several different factors that can affect user separation. Consider the following:
• if separation controls are implemented – this will be influenced by the service model being used. Double check what service model you are using: is it IaaS, PaaS or SaaS?
• do you know who you are sharing the service with? This will be dictated by the specific deployment model that is in place such as a public, private or community Cloud. Here at etiCloud, all of our clients use our own private Cloud, for example.
• what is the level of assurance available in the implementation of separation controls? Ask your provider!
If you are using an IaaS service you should consider separation provided by compute, storage and networking components. It is worth noting that SaaS and PaaS services built upon IaaS may receive some of the separation properties of the underlying IaaS infrastructure.
With regards this specific principle, the NCSC states that “you:
• understand the types of user you share the service or platform with
• have confidence that the service provides sufficient separation of your data and service from other users of the service
•have confidence that the management of your service is kept separate from other users”
The NCSC offers two different implementation approaches relating to separation of users and guidance for each approach. The first is where a hypervisor is in place to provide separation. The second is an approach where other software, such as operating systems or web servers, provide separation between users of the service.
When you better understand who you are sharing the cloud service with, the level of confidence you require in the user separation measures in that service will be dictated by how you intend to use the service and its deployment model.
There are different considerations for all three deployment models and the NCSC goes into detail on each, providing advice for private, community and public cloud services.
Finally, the NCSC suggests penetration testing to deliver confidence that products and security controls are configured in accordance with industry best practice. Such a test will uncover any vulnerabilities that can then be addressed.
Whilst potentially creating additional peace of mind, a penetration test can only go so far as establishing that there are no vulnerabilities at the specific time of the test, not the following day, or week. It’s therefore extremely important to carry out such checks on a regular basis.
You can take a look at the NCSC’s complete guidance on separation of users here. If you want to find out more or have any questions relating to separation of users, simply call any of the etiCloud team and we’ll gladly help.
Next up: Governance framework