• Thom Bradley

Why Misconfigurations Lead to Breaches - Cloud Security - Risk and Compliance

When it comes to cloud security, misconfigurations affecting security compliance are the biggest threat to the sense of safety that users have while using cloud resources. Human error is the biggest trigger of compliance problems for big data companies and is obstructing their journey toward digital transformation [1].


Although cloud vendors make the necessary arrangements to keep compliance and data policy consistent throughout the network, part of this responsibility also rests with users. If users continue to misconfigure the security updates and patches rolled out by the cloud vendors, the whole notion of cloud security is lost.


Misconfigurations that lead to Breaches

The most common form of misconfiguration is leaving unencrypted data exposed to the public network with no authentication or authorization required to access it. In simpler terms, anyone who stumbles across that data can exploit and use it however they want. This misconfiguration escalates to exposing users' data on global networks and to leaving encryption keys and passwords in open repositories [1].


This series of events gives hackers and potential cyber criminals the kind of arsenal they need to continue nefarious acts: violating data privacy, ransoming private information [1], or installing bugs or malicious tools within the company's network, thus compromising the cloud.


According to a survey in which 300 CISOs participated, security configuration was the top concern within the cloud environment, cited by 67% of participants. Next was the lack of visibility into network endpoints, cited by 64% of the group. Last came identity and access management related threats, which accounted for about 61% of the CISOs' votes [2].




Are we cloud Safe?

How would you know when something goes wrong before it does? Easy! Keep an eye on it and know when it happens with alerts and signals.


Some more recent statistics follow; for the full figures, see the 2020 Report.

  • The top four public cloud security threats: the leading threat cited by respondents was misconfiguration of the cloud platform (68%), up from third in 2019’s survey. This was followed by unauthorized cloud access (58%), insecure interfaces (52%), and the hijacking of accounts (50%).

  • The main security barriers to cloud adoption: respondents named a lack of qualified staff (55%) as the biggest barrier to adoption – up from fifth place in last year’s survey. 46% cited budget constraints, 37% data privacy issues, and 36% a lack of integration with on-premises security.

  • Existing security tools struggle with public clouds: 82% said their traditional security solutions either don’t work at all, or only provide limited functions in cloud environments, up from 66% in 2019 – highlighting an increase in cloud security issues over the past 12 months.

  • Public cloud is riskier: 52% of respondents considered the risk of security breaches in public clouds higher than in traditional, on-premises IT environments. Just 17% see lower risks, and 30% believe the risks are about the same between the two environments.

  • Cloud security budgets to rise: 59% of organizations expect their cloud security budget to increase over the next 12 months. On average, organizations allocate 27% of their security budget to cloud security.



Prevention of security breaches from cloud misconfigurations

The purpose of adopting cloud systems is to reduce cost overhead, maintain agility, and enable digital transformation [3]. But a single security breach can turn all of this to dust; that is how serious security is for cloud systems. Not only is the user who misconfigured the security updates and user policies affected, but others minding their own business on the cloud are affected too [3].


Configuration of workload is the customer's responsibility

A shared responsibility model governs the agreement of use between the user and the cloud service provider. The provider is responsible for the secure installation and management of the software and hardware systems. The customer is responsible for properly handling and configuring the resources the provider supplies.


It is recommended that users and large businesses that rely heavily on cloud computing power choose cloud vendors that use automated system update and implementation protocols instead of manual configuration. This avoids the downtime that might result from a security breach caused by users mishandling updates and security patches, and it also minimizes the time required to install those updates. The following statistics depict the public's use of cloud vendors in relation to their choice of automated cloud systems:




With the development of computing systems and the trend towards DevOps practices over standard ones, application developers are using infrastructure as code (IaC) to automate deployments. Although it is important for businesses to adopt cloud systems and shift their business to the cloud, they must also be properly trained to use the resources allocated to them in line with strict security best practices [3].


Security assessments done at a specific time won’t help combat future complications

In a physical data center, the InfoSec team would define the security policies for the infrastructure, and the engineering team responsible for the hardware and software implementation would need to comply with them.


The InfoSec team would then assess the infrastructure set up by the management and engineering teams to find any deviations from the standard. If any error or possibility of a breach is found, the management team can take action and remove that element altogether to secure the company's data center from future security incidents.



But in the cloud, the game has to be played a little differently. If you assessed your cloud systems today and found something that needs to be changed, or security measures that need to be added, chances are the result won’t hold for very long, and it definitely can’t prepare you for the future. Configuration standards for the cloud keep changing, cloud systems are rebuilt quite often, and the average lifespan of a development is estimated in days rather than weeks or months. It is therefore important to keep updating as the cloud changes instead of sticking with old digital interactions; otherwise the outcome is a security breach that is technically a misconfiguration, the result of not complying with the latest cloud security standards.
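To make the point concrete, here is an added example (not from the original article or any vendor tool) that runs the same baseline rules against two inventory snapshots taken a few days apart and reports what a one-time assessment would have missed. The resource names, field names, rule ids and both snapshots are constructed assumptions; the rules mirror the misconfigurations described earlier (public exposure without authentication, unencrypted data, secrets in open repositories).

```python
# Added illustration: field names, rule ids and both snapshots are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    resource: str
    rule: str

# Baseline rules: each returns True when the resource violates the baseline.
# A resource with no "auth_required" field is assumed to require authentication.
RULES = {
    "public-without-auth": lambda r: r.get("public", False) and not r.get("auth_required", True),
    "unencrypted-at-rest": lambda r: r.get("kind") == "storage" and not r.get("encrypted", False),
    "secret-in-public-repo": lambda r: (r.get("kind") == "repo" and r.get("public", False)
                                        and bool(r.get("secrets_detected"))),
}

def assess(snapshot):
    """Evaluate every resource in a snapshot against every baseline rule."""
    return {Finding(name, rule)
            for name, res in snapshot.items()
            for rule, violated in RULES.items() if violated(res)}

def drift(previous, current):
    """Compare two assessments: what appeared, what was fixed, what persists."""
    before, after = assess(previous), assess(current)
    return {"new": after - before, "resolved": before - after, "persisting": before & after}

# Constructed snapshots: day 0 is the audited state, day 3 follows a rebuild.
DAY0 = {
    "bucket-logs": {"kind": "storage", "public": False, "encrypted": True},
    "bucket-exports": {"kind": "storage", "public": True, "auth_required": False, "encrypted": True},
    "repo-infra": {"kind": "repo", "public": False, "secrets_detected": ["api key"]},
    "dashboard-metrics": {"kind": "service", "public": True, "auth_required": False},
}
DAY3 = {
    "bucket-logs": {"kind": "storage", "public": False, "encrypted": False},   # rebuilt without encryption
    "bucket-exports": {"kind": "storage", "public": False, "encrypted": True},  # remediated after the audit
    "repo-infra": {"kind": "repo", "public": True, "auth_required": True, "secrets_detected": ["api key"]},
    "dashboard-metrics": {"kind": "service", "public": True, "auth_required": False},  # never fixed
}

if __name__ == "__main__":
    report = drift(DAY0, DAY3)
    for status in ("new", "resolved", "persisting"):
        for f in sorted(report[status], key=lambda f: (f.resource, f.rule)):
            print(f"{status:10} {f.resource:18} {f.rule}")
```

The day-0 audit sees two findings; by day 3 one is resolved, one persists, and two new ones have appeared on resources that passed the original assessment.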


Compliance and misconfiguration in cloud

To eliminate misconfigurations made by users or cloud vendors, some form of compliance must be in place and working to ensure that nothing deviates from the standard operating baseline. Various frameworks, laws, and regulations, such as NIST, CIS, HIPAA, and PCI, already work to ensure that nothing out of the ordinary takes place [3].










It is therefore paramount to stick with these compliance systems in order to avoid misconfigurations within cloud systems and ensure a safe passage for every user in line for using cloud resources.





References

[1] https://www.infosecurity-magazine.com/news/cloud-misconfigurations-compliance/

[2] https://securityboulevard.com/2020/06/security-misconfigurations-a-leading-cause-of-cloud-data-breaches/

[3] https://www.forbes.com/sites/forbestechcouncil/2019/07/05/how-to-prevent-security-breaches-resulting-from-cloud-misconfigurations/#7d248ec36c9e


© 2020 by NSC42 LTD
