For years now, organizations have resisted moving key enterprise systems to the cloud because of their concerns around cloud security. However, the idea that cloud offerings like IaaS, SaaS, and PaaS lack strong security controls is a myth. In fact, Gartner posits that public cloud service providers (CSPs) are even more secure than traditional in-house implementations. Instead of tailoring their products to organizational structures, applications, policies, and politics, cloud products are designed to meet rigorous security standards like ISO 27001, SOC 2, and FedRAMP.
But while these products are often built with strong security controls, human configuration of these tools still creates risk. Gartner estimates that 99% of cloud security failures through 2025 will be customers’ fault. Customizing cloud systems and applications – a necessary step for many integrations – alters the security of the product and, if not managed properly, exposes organizations to new risks.
The first step in assessing and managing cloud security is evaluating the tools (e.g., automation scripts, APIs, third parties, VPCs) that are used to generate and provide cloud resources to your users. In this post, we’ll look at the three most critical cloud security risks facing businesses today and how to address them.
It makes sense that the most critical area to secure is the control center: the management plane. But maintaining management plane security is a tough challenge. The management plane configures, monitors, and, of course, controls the entire environment. This is where configurations are made and managed and also where cloud security risk germinates. Let’s look at some areas within the management plane that can impact cloud security.
APIs give cloud customers the ability to customize their cloud experience and integrate cloud products with other applications. Leveraging APIs is a critical part of making a cloud service useful to the business.
However, APIs are also a source of great risk. They open a communication channel between products, which can expose your platform to security threats. Essentially, your applications are only as secure as the applications connected to them. And even between trustworthy connections, you need strong authentication, authorization, logging, and monitoring controls to maintain API security.
Securing your API environment begins with frequent communication with your application stakeholders. Start by understanding which tools they need to integrate with your cloud platform and then dive into the risks associated with each. In addition, API configurations regularly change with application updates. API updates should follow established change-management procedures, involving key stakeholders (including the security team) and performing regular API configuration reviews. Adhering to a formal change management process for API updates helps ensure an expanding API environment remains secure against new and existing threats.
Weak identity, credential, and access management continues to plague businesses. Only 28% of U.S. organizations have implemented multi-factor authentication (MFA), and the 2019 Verizon Data Breach Investigations Report found that 80% of hacking-related breaches were the result of stolen or reused credentials.
While cyber awareness training can help address these issues to some degree, the reality is employees will still share passwords, use unapproved software, and download unauthorized content onto work devices. The only effective way to address this risk is through IAM. Limiting access to critical layers of your cloud platform, like the management plane, to trusted, privileged users is the only way to keep malicious actors out. Regular IAM assessments are critical to evaluating your IAM efforts and identifying opportunities for improvement.
Virtual private clouds (VPCs) like Amazon VPC have made software-defined networking (SDN) popular among many cloud-forward companies. Using a VPC, organizations can provision a logically isolated section of their cloud platform to launch cloud resources in a virtual network they control and define. VPCs provide complete control over these virtual networking environments, including IP address selection, subnet creation, and route table and network gateway configuration.
However, as with APIs, with great customization comes great responsibility. Companies that choose to leverage VPCs for SDN must routinely assess these environments to ensure strong security and access controls are in place and operating effectively.
Data security continues to be one of the biggest challenges facing cloud customers. The first step in protecting your enterprise, employee, and customer data is establishing strong, cloud-specific policies that govern data security.
Containers took the globe by storm a few years ago, their ease of use and portability making them incredibly popular. But as their novelty has worn off, companies have turned their attention to the security risks they pose. The key to securing containers and the valuable data stored in them is strong governance. Cloud platforms like Amazon AWS provide organizations with a litany of tools that allow them to establish strong access management policies. Let’s take a look:
No matter how strong your policies are or how smart your initial configuration is, regular, thorough access reviews are the cornerstone of secure access. While cloud tools like AWS give you a host of permissions tools (IAM, ACLs, and bucket policies), you need to regularly review all access changes and update accordingly.
Multitenancy has become such a common practice among cloud vendors and customers that many no longer consider it a risk. Sharing application, computing, and network resources in a single cloud environment allows organizations to increase computing speed, use resources more efficiently, and boost business agility. And cloud vendors take great care to ensure customers’ workloads are completely isolated from one another.
However, when tenants begin to customize configurations within their cloud space, they can inadvertently expose their workloads to other tenants, or even worse, open other tenants to outside risk. Features like privileged access management, access logging and analysis, and workload boundary enforcement are important considerations when selecting a multitenant CSP. These help your organization strictly define where your workload can run and prevent unauthorized communications and access.
While cloud products can simplify many processes, data deletion is not one of them. In fact, data deletion is typically a more complicated, riskier process in a cloud environment. It is difficult for organizations to understand where their data is physically stored in the cloud, making secure deletion a challenge. This is further complicated in a multitenant environment, because this data may be located in several different storage devices across the platform. On top of it all, deletion processes vary by CSP, creating another hurdle between you and secure data deletion.
The inability to securely and completely delete data leaves companies unable to verify that leftover data is not available to hackers and creates greater compliance risks, as laws like the GDPR and CCPA give consumers more control over their data.
As with any third party your organization chooses to work with, CSPs come with their own set of risks that can have a serious impact on your organization if not addressed.
Vendor lock-in occurs when the cost of moving to a different CSP is so high that an organization is forced to stay with its current vendor. Unfortunately, this is a pretty common issue with serious implications:
The best way to mitigate this risk is to minimize your reliance on your CSP. Achieve this by 1) making sure your data is highly portable, 2) keeping internal backups, and 3) setting up a multi-cloud environment. These measures make it easier to move your data to a new environment, minimize migration costs, and help reduce your dependency on a single vendor. In addition, putting a clear exit strategy in your cloud service level agreements (SLAs) can help you avoid lock-ins.
SLAs are critical to the security of your cloud environment. SLAs determine everything from mean time between failures (MTBF) to privacy measures and should be tailored to your business’s unique needs and risks. However, with multiple business functions soliciting cloud services from different vendors, it can be extremely difficult to ensure the universal application of strong SLAs, putting your data at serious risk. The keys to establishing strong, secure SLAs are 1) involving cybersecurity leadership in all SLA conversations and 2) tying defined financial consequences to SLAs to hold your CSP accountable to your agreements.
When you select a CSP, you may be choosing to work with more than one organization. A number of CSPs outsource pieces of their infrastructure, operations, and maintenance to third parties, who may or may not meet your security requirements. During the contracting process, it’s important to talk to your CSP about what functions they outsource, what security standards they require their third parties to meet, and how they enforce compliance.
One of the scariest parts of trusting a CSP with your data is the issue of data availability. Platform outages, platform maintenance, and platform migrations can all limit your ability to access your data. While the reasons may vary, one thing remains the same: your organization is unable to access the information it relies on to do business, and you are totally dependent on the CSP team to fix it. The good news is there are ways to mitigate this risk. First, when drafting your SLAs, make sure to tie financial consequences to essential services like mean time to repair (MTTR), MTBF, read request timing, and number of retries. In addition, taking the precautions we recommended around vendor lock-in can help improve data availability in the event of a cloud migration or an extended service outage.
A Forrester study found that 67% of respondents migrated to the cloud “by accident,” meaning they were experimenting with cloud solutions and then evolved that test environment into a full production environment. This means that only a third of respondents actually had cloud governance policies in place before making the move to the cloud. When migrating from an on-premise infrastructure to a cloud environment, the bulk of your governance controls will be rendered ineffective, impacting performance management, risk exposure, value delivery, and strategic alignment.
The solution here seems simple: be intentional in your migration and take time to build a cloud-specific governance structure. But, as demonstrated in the Forrester study, this is easier said than done. However, better late than never certainly rings true here. If your organization made an “accidental” move to the cloud, taking the time now to build a unified governance program, covering both on-prem and cloud operations, will help you achieve compliance and reap the full value of your platform.
Cloud security fears have held a number of organizations back from the opportunities and benefits provided by the cloud. The answer to this fear isn’t boycotting the cloud, but instead understanding the central sources of cloud risk and how to address them. As discussed above, limiting customization to necessary changes, involving the security team in cloud integration and management, monitoring access controls and policies, and managing strong third-party relationships can help you reduce cloud risk, while still reaping the financial and operational benefits of moving to the cloud.
Focal Point specializes in helping organizations build cloud strategies, implement cloud solutions, assess and improve cloud security, and manage cloud compliance. Learn more about how we can help or connect with an expert below.