Common cloud security mistakes and how to avoid them
According to recent surveys, 98% of organizations keep their financial, business, customer and/or employee information in the cloud but, at the same time, 95% of cloud security professionals are not sure their security protections and their team would manage to detect and respond to security threats or incidents affecting their cloud infrastructure.
Common cloud security mistakes
SentinelOne researchers highlighted common cloud security mistakes organizations must avoid if they want to keep their cloud environment safe:
1. Cloud misconfiguration errors may grant attackers unauthorized access to system functions and sensitive data, and have the potential to harm the integrity and security of the organization’s cloud.
2. A frequent cloud security faux pas involves exposing access keys, credentials, and other sensitive information by storing them in plain text or including them in code. This information can allow an unauthorized attacker to access cloud resources.
3. Not using multi-factor authentication (MFA) is a bad practice as an attacker can easily compromise a user’s passwords (through phishing, malware, brute force, etc.) and access data stored in the cloud.
4. Not defining an access control policy may result in files/data being stolen or destroyed. Unauthorized access can be used for additional account compromise and network and system sabotage.
5. Without a backup strategy, organizations can face data loss and business disruption in the event of a cyberattack.
6. Unpatched systems are targeted by cybercriminals who actively search for weak spots (vulnerabilities) and exploit them to access the system, deliver malware, and steal data.
7. Organizations that lack continuous monitoring face substantial cloud security risks, because attackers can exploit weaknesses and remain unnoticed for extended periods.
8. Leaving data unencrypted can have serious consequences for an organization: an unauthorized attacker may access it, leading to a data breach.
ESET researchers added another common cloud security mistake: trusting the cloud provider too much.
“Many IT leaders believe that investing in the cloud effectively means outsourcing everything to a trusted third party. That’s only partly true. There’s a shared responsibility model for securing the cloud, split between CSP and customer”, they noted.
Comprehensive security strategies
As Netwrix’s Jeff Melnick pointed out, data, users, applications and infrastructure require distinct protections in the cloud.
It’s essential to assign data access permissions judiciously and revise them often to protect data. It’s also crucial to create a comprehensive inventory and categorization of the data within the organization.
To ensure user protection in a cloud environment, organizations should implement data loss prevention (DLP), encryption, and a zero-trust model with proper authorization through MFA and single sign-on. Also, closely monitoring user activity and employing a cloud access security broker (CASB) can enhance threat detection and enforce security policies across cloud applications.
To protect applications, Melnick suggests using:
- Vulnerability scanning with proactive remediation strategies
- Static application security testing (SAST) for issue analysis
- Penetration testing to identify misconfigurations
- Software composition analysis (SCA) for insight into open-source applications
- Change and configuration auditing to monitor alterations affecting application access and permissions
Finally, proper cloud infrastructure security includes regular configuration audits to ensure compliance with organizational policies, automated monitoring for misconfigurations in network components and permissions, and implementing measures for incident prevention, detection, and response, such as advanced malware protection, intrusion detection systems, and traffic monitoring.
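A regular configuration audit of the kind described above can be automated as a small check over an exported resource inventory. The following is an added example, not code from the article or from any vendor it cites; the inventory schema, field names and sample resources are hypothetical and constructed for illustration.

```python
import ipaddress

ADMIN_PORTS = (22, 3389)  # SSH and RDP

def is_world_open(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(inventory):
    """Return sorted (resource, finding) tuples for one inventory snapshot."""
    findings = []
    for rule in inventory.get("network_rules", []):
        exposes_admin = any(rule["from_port"] <= p <= rule["to_port"] for p in ADMIN_PORTS)
        if exposes_admin and is_world_open(rule["cidr"]):
            findings.append((rule["name"], "admin port open to the internet"))
    for store in inventory.get("storage", []):
        if store.get("public_access", False):
            findings.append((store["name"], "publicly readable storage"))
        if not store.get("encrypted_at_rest", False):  # missing flag counts as unencrypted
            findings.append((store["name"], "data not encrypted at rest"))
    for user in inventory.get("users", []):
        if not user.get("mfa_enabled", False):
            findings.append((user["name"], "MFA not enabled"))
        if "*" in user.get("permissions", []):
            findings.append((user["name"], "wildcard permissions"))
    return sorted(findings)

# Constructed sample data in a hypothetical, provider-neutral schema.
SAMPLE_INVENTORY = {
    "network_rules": [
        {"name": "web-443", "cidr": "0.0.0.0/0", "from_port": 443, "to_port": 443},
        {"name": "mgmt-ssh", "cidr": "0.0.0.0/0", "from_port": 22, "to_port": 22},
        {"name": "bastion", "cidr": "203.0.113.0/24", "from_port": 22, "to_port": 22},
    ],
    "storage": [
        {"name": "backups", "public_access": False, "encrypted_at_rest": True},
        {"name": "exports", "public_access": True, "encrypted_at_rest": False},
    ],
    "users": [
        {"name": "alice", "mfa_enabled": True, "permissions": ["storage:read"]},
        {"name": "ci-bot", "mfa_enabled": False, "permissions": ["*"]},
    ],
}

if __name__ == "__main__":
    for resource, finding in audit(SAMPLE_INVENTORY):
        print(f"{resource}: {finding}")
```

Run on a schedule against a fresh export, the findings list can feed the same alerting used for other monitoring, so a drifted rule or a newly public bucket is noticed between manual reviews.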