Understanding Security Risks and Threats in the Cloud - Part 1
Description
Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started!
Lois: Hello and welcome to the Oracle University Podcast! I'm Lois Houston, Director of Innovation Programs with Oracle University, and with me is Nikita Abraham, Team Lead: Editorial Services.
Nikita: Hey everyone! Last week, we discussed how you can keep your data safe with authentication and authorization. Today, we'll talk about various security risks that could threaten your systems.
Lois: And to help us understand this better, we have Orlando Gentil, Principal OCI Instructor, back with us. Orlando, welcome back! Let's start with the big picture—why is security such a crucial part of our digital world today?
Orlando: Whether you are dealing with files stored on a server or data flying across the internet, one thing is always true—security matters.
In today's digital world, it's critical to ensure that data stays private, accurate, and accessible only to the right people.
Nikita: And how do we keep data private, secure, and unaltered? Is there a security framework that we can use to make sense of different security practices?
Orlando: The CIA triad defines three core goals of information security.
CIA stands for confidentiality. It's about keeping data private. Only authorized users should be able to access sensitive information. This is where encryption plays a huge role.
Integrity means ensuring that the data hasn't been altered, whether accidentally or maliciously. That's where hashing helps. You can compare a stored hash of data to a new hash to make sure nothing's changed.
Availability ensures that data is accessible when it's needed. This includes protections like system redundancy, backups, and anti-DDoS mechanisms. Encryption and hashing directly support confidentiality and integrity. And they indirectly support availability by helping keep systems secure and resilient.
Lois: Let's rewind a bit. You spoke about something called hashing. What does that mean?
Orlando: Hashing is a one-way transformation. You feed in data and it produces a unique fixed length string called a hash. The important part is the same input always gives the same output, but you cannot go backward and recover the original data from the hash.
It's commonly used for verifying integrity. For example, to check if a file has changed or a message was altered in transit. Hashing is also used in password storage. Systems don't store actual passwords, just their hashes.
When you log in, the system hashes what you type it and compare the stored hash. If they match, you're in. But your actual password was never stored or revealed. So hashing isn't about hiding data, it's about providing it hasn't changed. So, while hashing is all about protecting integrity, encryption is the tool we use to ensure confidentiality.
Nikita: Right, the C in CIA. And how does it do that?
Orlando: Encryption takes readable data, also known as plaintext, and turns it into something unreadable called ciphertext using a key. To get the original data back, you need to decrypt it using the right key.
This is especially useful when you are storing sensitive files or sending data across networks. If someone intercepts the data, all they will see is gibberish, unless they have the correct key to decrypt it. Unlike hashing, encryption is reversible as long as you have the right key.
Lois: And are there different types of encryption that serve different purposes?
Orlando: Symmetric and asymmetric encryption. With symmetric encryption, the same key is used to both encrypt and decrypt the data.
It's fast and great for securing large volumes of data, but the challenge lies in safely sharing the key. Asymmetric encryption solves that problem. It uses a pair of keys: public key that anyone can use to encrypt data, and a private key that only the recipient holds to decrypt it.
This method is more secure for communications, but also slower and more resource-intensive. In practice, systems often use both asymmetric encryption to exchange a secure symmetric key and then symmetric encryption for the actual data transfer.
Nikita: Orlando, where is encryption typically used in day-to-day activities?
Orlando: Data can exist in two primary states: at rest and in transit. Data at rest refers to data stored on disk, in databases, backups, or object storage.
It needs protection from unauthorized access, especially if a device is stolen or compromised. This is where things like full disk encryption or encrypted storage volumes come in. Data in transit is data being sent from one place to another, like a user logging into a website or an API sending information between services.
To protect it from interception, we use protocols like TLS, SSL, VPNs, and encrypted communication channels. Both forms data need encryption, but the strategies and threats can differ.
Lois: Can you do a quick comparison between hashing and encryption?
Orlando: Hashing is one way. It's used to confirm that data hasn't changed. Once data is hashed, it cannot be reversed. It's perfect for use cases like password storage or checking the integrity of files. Encryption, on the other hand, it's two-way. It's designed to protect data from unauthorized access.
You encrypt the data so only someone with the right key can decrypt and read it. That's what makes it ideal for keeping files, messages, or network traffic confidential. Both are essential for different reasons. Hashing for trust and encryption for privacy.
Adopting a multicloud strategy is a big step towards future-proofing your business and we're here to help you navigate this complex landscape. With our suite of courses, you'll gain insights into network connectivity, security protocols, and the considerations of working across different cloud platforms. Start your journey to multicloud today by visiting mylearn.oracle.com.
Nikita: Welcome back! When we talk about cybersecurity, we hear a lot about threats and vulnerabilities. But what do those terms really mean?
Orlando: In cybersecurity, a threat is a potential danger and a vulnerability is a weakness an asset possess that a threat can exploit.
When a threat and a vulnerability align, it creates a risk of harm. A threat actor then performs an exploit to leverage that vulnerability, leading to undesirable impact, such as data loss or downtime. After an impact, the focus shifts to response and recovery to mitigate damage and restore operations.
Lois: Ok, let's zero in on vulnerabilities. What counts as a vulnerability, and what categories do attackers usually target first?
Orlando: Software and hardware bugs are simply unintended flaws in a system's core programming or design.
Misconfigurations arise when systems aren't set up securely, leaving gaps. Weak passwords and authentication provide easy entry points for attackers. A lack of encryption means sensitive data is openly exposed.
Human error involves mistakes made by people that unintentionally create security risks. Understanding these common vulnerability types is the first step in building more resilient and secure systems as they represent the critical entry points attackers leverage to compromise systems and data. By addressing these, we can significantly reduce our attack surface and enhance overall security.
Nikita: Can we get more specific here? What are the most common cybersecurity threats that go after vulnerabilities in our systems and data?
Orlando: Malware is a broad category, including viruses, worms, Trojans, and spyware. Its goal is to disrupt or damage systems.
Ransomware has been on the rise, targeting everything from hospitals to government agencies. It lock your files and demands a ransom, usually in cryptocurrency. Phishing relies on deception. Attackers impersonate legitimate contacts to trick users into clicking malicious links or giving up credentials.
Insider threats are particularly dangerous because they come within employees, contractors, or even former staff with lingering access. Lastly, DDoS attacks aim to make
United States
