Cloud solutions have made it possible for many businesses to stay productive and competitive despite the uncertainty and upheaval of the past couple of years. However, despite all the advantages of moving applications to the cloud, the technology can also present new cybersecurity issues.
Ninety-six percent of a group of cybersecurity professionals surveyed in May 2021 expressed at least moderate concern about public cloud security, according to the (ISC)² 2021 Cloud Security Report. The respondents’ top worries included data loss or leakage (named by 64 percent of security professionals), data privacy or confidentiality (62 percent), and accidental credential exposure (46 percent).
When asked to identify the most significant threats to public cloud security, 67 percent of professionals named the misconfiguration of cloud solutions.
What Is Cloud Misconfiguration?
A cloud misconfiguration occurs when the individual or team setting up the solution selects settings that don’t provide the necessary level of data security, leaving openings that could allow malicious actors to access sensitive information, according to the Security Intelligence article “Misconfigurations: A Hidden but Preventable Threat to Cloud Data.” These mistakes can lead to expensive security incidents for your organization.
In 2018 and 2019, data breaches stemming from cloud misconfigurations exposed 33.4 billion records and cost organizations around the world almost $5 trillion collectively, as stated in the DivvyCloud 2020 Cloud Misconfigurations Report.
As businesses have ramped up cloud adoption, many have failed to simultaneously implement official strategies and policies for the proper utilization of these types of products and services. Subsequently, through 2025, Gartner has predicted that customers – not cloud providers – will be responsible for 99 percent of cloud security failures through 2025.
7 Cloud Misconfigurations to Watch Out For
There are various errors you can make when setting up a cloud solution. Here are some of the common cloud misconfigurations that open the door to hackers and can lead to data leakage, according to industry experts.
- Storage misconfigurations. It’s common to see cloud storage bucket and blob breaches, according to the 2021 Cloud Security Report from Aqua Security. Watch out for permissive storage policies, unencrypted cloud storage (at rest), storage open to the public, and misconfigured access control lists.
- Unrestricted ICMP access. Leaving ICMP protocol exposed to the internet can allow hackers to locate your servers. As a result, you should block ICMP, according to the Cloud Security Alliance (CSA).
- Unrestricted outbound access and inbound access on uncommon ports. The CSA advises restricting outbound traffic to what’s absolutely necessary. Additionally, the Alliance urges limiting access to high-level ports to essential systems only where inbound traffic is concerned.
- Unrestricted Non-HTTP/HTTPS port access. You should either block these ports from the internet entirely or restrict traffic to a limited number of addresses, according to the CSA. Otherwise, if they’re open to the internet, bad actors could brute force the authentication.
- Database misconfigurations. Migrating from a relational database to a cloud-native one can easily lead to issues if you don’t understand that traditional relational security layers will no longer protect your data, according to Deloitte. You’ll need to implement access management at the application level instead of the user level.
- Search set-up errors. Make sure that search functions aren’t misconfigured so that end users can utilize generic IDs to gain broad access to data, Deloitte cautions.
- Container misconfigurations. Cloud container platforms can present a significant security risk if you don’t alter the default configurations (e.g., utilizing the default container names or leaving default service ports open to the public), according to Palo Alto Networks.
How to Avoid Data Breaches Caused by Cloud Misconfigurations
Although improperly setting up cloud solutions can lead to costly security incidents, there are steps you can take to prevent misconfigurations from occurring and identify threats in your cloud environment before they can do extensive damage.
Here’s how to safeguard your cloud data, according to Security Intelligence:
- Establish a secure configuration management program to set baselines for your data.
- Implement network monitoring solutions such as network detection and response (NDR).
Contributed blog courtesy of Stratosphere Networks and authored by Kevin Rubin, president and CIO at Stratosphere Networks. Read more contributed blogs from Stratosphere Networks here.