Prevent security misconfigurations in a multi-cloud environment
Published 01/20/2020
By the CipherCloud Team
In November 2019, we witnessed one of the biggest data breaches to date. Personal information of 1.2 billion users was exposed, including phone numbers, email addresses, and profiles of hundreds of millions of people that include home and cell phone numbers and associated social media profiles on Facebook, Twitter, LinkedIn, and GitHub. The reason for the breach? The server hosting all the data was unprotected!
This is not the first breach caused by a security oversight or misconfiguration, i.e. human error, that left open servers exposed. According to the "2019 Cost of a Data Breach Report" by a popular analyst firm, the global average cost of a data breach today stands at $3.92 million. But what's more shocking is the fact that the data breach lifecycle (time taken by an organization to identify a breach) is 279 days! Most of the time, organizations are alerted by a third party or a government agency that found the data on the dark web.
The upswing in global cloud adoption has given rise to new cloud security threats, where hackers can study a company's weakness and gain unauthorized access to steal confidential information. We need smarter and more agile controls to deal with such threats, and this is where the traditional security measures of cloud service providers fail. Cloud misconfiguration is the first thing a hacker checks for, and a small security oversight, such as the removal of an old account, can bring down your fortress in a matter of seconds. Here are some of the common ways a cloud can be misconfigured:
- Lack of access restrictions - unsecured AWS S3 storage buckets are perhaps the most frequently breached resources
- Lack of data protection - personal information (PII, PCI, social security numbers) uploaded in plain-text form in the cloud
- Lack of audit and validation - no regular audits of resources and configurations can lead to a security flaw ready to be pounced upon by malicious exploiters
- Lack of logging and monitoring - timely checking of data and access logs is vital to identify and flag security-related events
- Over-entitlement of access to users - user access should be restricted to only the applications and data that the user is permitted to use
Growing cloud usage has expanded the threat vector and introduced newer challenges for the IT security team, making it impossible to manually manage and secure the cloud. So what's the need of the hour? Automate the cloud security assessment and management!
Cloud Security Posture Management (CSPM) performs an automated assessment of your cloud landscape against well-defined security and compliance guidelines and provides a comprehensive view of your cloud risk posture through intuitive, drill-down dashboards. A CSPM can help reduce your operational complexity in managing security across all your cloud applications, prevent data loss due to misconfigurations, and ensure the latest compliance guidelines (GDPR, CCPA, HIPAA, PCI) are adhered to in a multi-cloud infrastructure.
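As an added illustration (not code from the original article or from any CSPM product), the sketch below runs one rule per misconfiguration category listed above over a small constructed inventory. The field names, the 90-day audit threshold, and the resource IDs are assumptions; a missing attribute is treated as a violation, so resources with incomplete metadata fail closed.

```python
# Constructed inventory: field names are hypothetical, not any cloud provider's schema.
INVENTORY = [
    {"id": "bucket-logs", "type": "storage", "public": False, "encrypted": True,
     "logging": True, "last_audit_days": 12},
    {"id": "bucket-exports", "type": "storage", "public": True, "encrypted": False,
     "logging": False, "last_audit_days": 200},
    {"id": "bucket-unknown", "type": "storage", "public": False},  # metadata missing
    {"id": "svc-reporting", "type": "identity", "granted": {"read", "write", "admin"},
     "used": {"read"}, "last_audit_days": 30},
]

MAX_AUDIT_AGE_DAYS = 90  # assumed policy threshold

# Each rule: (finding name, resource type or None for all, predicate True on violation).
# Defaults in .get() are chosen so that an absent attribute counts as a violation.
RULES = [
    ("lack-of-access-restrictions", "storage", lambda r: r.get("public", True)),
    ("lack-of-data-protection", "storage", lambda r: not r.get("encrypted", False)),
    ("lack-of-logging-and-monitoring", "storage", lambda r: not r.get("logging", False)),
    ("lack-of-audit-and-validation", None,
     lambda r: r.get("last_audit_days", float("inf")) > MAX_AUDIT_AGE_DAYS),
    ("over-entitlement", "identity",
     lambda r: bool(r.get("granted", set()) - r.get("used", set()))),
]

def assess(inventory):
    """Return sorted (resource id, finding) pairs for every rule a resource violates."""
    findings = []
    for res in inventory:
        for name, rtype, violated in RULES:
            if rtype in (None, res["type"]) and violated(res):
                findings.append((res["id"], name))
    return sorted(findings)

def posture_summary(inventory):
    """Count findings per rule, the kind of roll-up a posture dashboard shows."""
    summary = {}
    for _, name in assess(inventory):
        summary[name] = summary.get(name, 0) + 1
    return summary

if __name__ == "__main__":
    for rid, name in assess(INVENTORY):
        print(f"{rid}: {name}")
    print(posture_summary(INVENTORY))
```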