As organizations continue to shift more and more workloads to the cloud, they may inadvertently create security vulnerabilities. Recent research finds that configuration errors, insecure interfaces, unpatched applications, and poor encryption and authentication practices are opening the door for a variety of exploits.
As we noted in a previous post, the rush to deploy new cloud services last year to support remote workers has been a factor. IT organizations often sacrificed security to get a service or app up and running quickly, with the intention of circling back later and shoring things up. Despite their good intentions, that proved to be a risky approach.
Almost three-quarters of cybersecurity incidents in 2020 involved cloud assets, according to the latest Verizon Data Breach Investigations Report. It was the first time that cloud security incidents outnumbered on-premises ones.
Nevertheless, the shift to cloud computing is inexorable — there are just too many benefits. That makes it essential to implement a comprehensive security framework based on industry best practices to ensure the consistent application of security tools, configurations, policies and practices across all cloud instances.
Here are five things to consider when developing your cloud security framework:
Define your responsibilities. You cannot have effective cloud security without a solid understanding of the shared responsibility model. In general, cloud providers are responsible for securing the cloud infrastructure while customers must protect their data and applications within the cloud. Because these responsibilities vary from provider to provider, organizations must do their due diligence to clearly define each party’s obligations.
Focus on data. In a recent SANS Institute survey, IT leaders ranked their most-used cloud security tools. Topping the list were antimalware, multifactor authentication, VPN, log and event management, and vulnerability scanning. These are all important security measures, but they don’t necessarily reflect cloud-focused security. Instead, they are all largely perimeter-based “castle and moat” defenses. Shift to a more data-focused approach by implementing integrated encryption and key management, data loss prevention and robust backup solutions.
Automate configuration management. Every cloud service requires configurations related to users, roles, permissions, storage, service connections and more. According to one recent study, 90 percent of organizations are vulnerable to security breaches due to misconfigurations. Many use spreadsheets and manual reviews to track configuration status, but that is a time-consuming and error-prone process. A better approach is to use tools that continuously monitor cloud environments and automatically detect and correct misconfigurations.
Manage cloud usage. The uncontrolled proliferation of cloud instances creates enormous risk. Employees often use cloud services and applications without the knowledge or consent of the IT department, creating gaps in cloud security — particularly if those employees are using untrusted endpoint devices. Tools such as cloud access security brokers can help centralize control of cloud instances. Web proxies, firewalls and SIEM logs provide additional insight into the organization’s cloud usage.
Control user access. It is essential to control who has access to your cloud applications and data, what they can access and what they can do with your data. Identity and access management tools combine user provisioning, password management, strong authentication, single sign-on and other technologies to manage user access privileges. Privileged access management solutions control privileged accounts that have administrator-level access to resources.
In many ways, the cloud is potentially more secure than on-premises infrastructure. Few organizations have the financial or staffing resources to provide the same security measures as large providers such as Amazon, Google and Microsoft. However, the more workloads organizations move to the cloud, the more hackers will target those resources. As you expand your cloud usage, let us help you deploy the solutions you need to establish a robust security architecture.
