As the idea of “the” cloud has given way to multi-cloud, hybrid-cloud, and mixed-cloud, we find ourselves back in the position we were in a decade ago – with system admins required to control access to multiple, sometimes incompatible, systems. And while these systems are not insecure in themselves, the sheer complexity of the ways that they interact makes it easy for users to open up security vulnerabilities. And this is a bigger problem than you may realize. Not only does cloud misconfiguration open up new territory for threat actors, in the most extreme interpretation, but it also makes a myth of compliance in cloud environments. In this article, we’ll look at why and what you can do about it.
The threat of user misconfiguration
Let’s start with what seems like a bold claim that – misconfiguration is by far the biggest security threat to cloud environments. Think about the issue, though, and you’ll understand that this cannot help but be the case.
That’s because the vast majority of cloud services in use in organizations today (or at least those that take security seriously) come equipped with fairly advanced security measures not just access control, but encrypted cloud storage and secure tunnels for exchanging data. Similarly, most system administrators are now familiar enough with cloud systems to be able to structure access in a secure way. This means that the only real threat vector left to actors who seek unauthorized access to your cloud data is ‘in the gaps’ between cloud services.
This kind of multi-system access control is where the majority of misconfigurations occur. This is completely understandable when you consider that human error is still behind about 90% of data breaches. The average employee must now work across and between dozens of accounts and multiple cloud services. In such an environment, it’s easy for mistakes to creep into your security systems.
This may come as a surprise to some system admins. The industry press has been full, in recent years, of stories of ransomware and crypto-jacking to mine Bitcoin and other cryptocurrencies and various other exploits. Surely these are the biggest dangers we face?
Well, yes and no. These are certainly dangerous, and they are certainly on the rise. But in order for these types of attacks to be successful, they need a vulnerability. And that vulnerability normally comes in the form of a misconfiguration.
In general, there are three main types of cloud misconfiguration that can lead to vulnerabilities. These are:
- Misconfiguring the native cloud environment
- Misconfiguring on-premises data centers that act as clouds for your employees
- Not securing equally across multi-cloud environments (i.e., different brands of cloud services providers)
All of these misconfigurations are dangerous, but the third appears to be the most frequent source of real vulnerability. According to recent research undertaken by Trend Micro, which looked at cloud-specific cyberattacks and sought to uncover their mechanisms, it is at the intersection of different clouds that most misconfigurations occur.
This is partially a technical problem and thus partially the responsibility of admins and engineers. However, it’s important to recognize that it’s also a business problem, and one created by the way that the typical cloud service is contracted and run. Because third-party cloud providers generally make much of their ability to secure the cloud storage they offer, companies tend to (naturally) regard these systems as secure in themselves, without thinking about the broader risks they pose.
This is a particular problem, of course, in sectors that have recently had to build cloud expertise from scratch, such as in hospitality. However, even the most technically adept organizations can find themselves a victim here.
Protect Your Systems
So much for the bad news. The good news is that cloud misconfiguration issues are relatively easy to fix once they are identified, and building a system for preventing them can rest on a few relatively simple principles. Ideally, these steps would be taken before migrating to the cloud, but in reality, they are likely to be completed and implemented on an ad-hoc basis as new cloud systems are added to existing infrastructure.
With that in mind, system admins should immediately seek to:
- Check that the principle of least privilege is being applied consistently. Ideally, access should only be given to users who need it, rather than leaving permissions open to anyone. These permissions should be consistent across cloud systems.
- Clarify your role within your organization’s security structure. While cloud service providers have built-in security, the companies using their services are responsible for securing their data. That might mean that you are liable for data stored in third-party clouds.
- Monitor your cloud infrastructure for misconfigured and exposed systems. Tools are available to identify misconfigurations and exposures in your cloud environments, so you should use them.
- Finally, recognize that your data and applications in the cloud are only as secure as you make them.
There are enough tools available today to make your cloud environment – and the majority of your IT spend – at least as secure as your non-cloud legacy systems. This requires, however, that you take cloud security seriously instead of merely hoping that your cloud provider is protecting your data.
Finally, we should also recognize that misconfiguration is not a fix-and-forget issue. Rather, mistakes can (and will) continually creep into the most well-administered systems. That means that you should conduct regular audits that look at the way your cloud systems fit together. Not only will this catch issues as they arise – and therefore make your systems more secure – but audits like this will also position you well for the next stage of cloud evolution: the growth of cloud edge systems.