Companies are increasing their cloud adoption. Simultaneously, cloud environments face both the security challenges of on-premises environments and new ones that arise from their core benefits. Hence, companies should become smarter about their defenses. Here, Mark Kedgley, CTO, Netwrix, shares the best practices regarding cybersecurity defenses.
I find that the second week of a diet is easier than the first — I have always given up by then! While we all know that the only way to achieve lasting fitness is to eat smarter and be active, it is difficult to stop looking for a magic pill. We want to believe that just a kale smoothie will deliver the results we want.
Similarly, there are no shortcuts to attaining strong cybersecurity, and many organizations are falling short of their goals. Netwrix recently surveyed over 700 IT security professionals, and there were a couple of findings that should grab everyone’s attention:
- The percentage of organizations that suffered a phishing or account compromise attack in the cloud nearly doubled from our survey in 2020.
- Targeted attacks on cloud infrastructure have also become far more common: 29% of respondents experienced this type of attack within the last 12 months, up from just 16% in 2020.
Source: Netwrix 2022 Cloud Security Report
Even as the threat to cloud IT systems grows, organizations are increasing their cloud adoption. About 54% of workloads are planned to be in the cloud by the end of 2023, compared to 41% today. Accordingly, it is vital to get a lot smarter about cybersecurity defenses.
As with fitness, strong cybersecurity requires disciplined, consistent practice. It is not quite “no pain no gain,” but it is much more than just buying a SIEM system and configuring some firewall rules. Indeed, cloud environments face both the security challenges of on-premises environments and new ones that arise from their core benefits, such as:
- Dynamic/ephemeral provisioning of container applications and cloud infrastructure on demand
- DevOps practices such as continuous integration and continuous deployment (CI/CD)
- The flexibility of public, private and hybrid cloud environments, which offer additional options on top of the standard data center infrastructure we already need to secure.
Pre-migration Best Practices
Let us assume that a strategic business case has already been made to migrate to the cloud. Today that often happens when the realization dawns that a new data center will be needed or a hardware refresh is coming around. The eye-watering costs and the anticipated logistical challenges almost inevitably lead to the conclusion that cloud computing would make life much better.
A key question that decision-makers should consider: are we re-hosting, re-platforming, or re-architecting? The answer is largely driven by whether or not the assets in question are in-house developed applications and the current state and future direction of IT services. For most organizations, it is a combination of all three paths because every application has different requirements for now and moving forward. If you are stuck with any legacy applications running on old platforms, then it is likely that a hybrid cloud is coming your way. Then you will have the opportunity to reap the benefits of DevOps with a CI/CD pipeline and instantly refreshed, elastic, container-based microservices applications down the line!
From a security standpoint, the cloud is highly attractive if it removes your data center security and business continuity responsibilities. However, even though you will no longer have a physical data center to secure, you will need to implement new access security controls and get a clear understanding of the activities and rights of your in-house resources and those of the service provider.
Start with the basics. One fundamental security best practice is the principle of least privilege. But that principle is as likely to be flouted in the cloud as on-premises. It is simply easier to over-provision accounts than to tailor rights as tightly as possible, much as it is easier to overindulge in treats or skip today’s workout than to stick to your fitness plan. For help, look to cloud infrastructure entitlement management (CIEM) tools, which facilitate processes like regular entitlement reviews to enforce least privilege accurately, monitor user activity, and maintain clear and complete audit trails. Also, consider adopting a zero standing privilege (ZSP) approach in which privileged access is granted only temporarily, on demand, when required.
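The following sketch is an added example, not code from the article or from any CIEM product. It shows the core of an entitlement review: compare what each account is granted with what the audit trail shows it used, and flag privileged grants that never expire. The action names, accounts and dates are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data: action names are illustrative, not a real provider's API.
PRIVILEGED = {"iam:ModifyPolicy", "kms:DeleteKey"}

GRANTS = [
    # (principal, action, expires_at or None for a standing grant)
    ("alice", "storage:Read", None),
    ("alice", "storage:Write", None),
    ("alice", "iam:ModifyPolicy", None),
    ("deploy-bot", "compute:Deploy", None),
    ("deploy-bot", "kms:DeleteKey", datetime(2023, 1, 10, 12, 0)),
]

AUDIT_TRAIL = [
    # (timestamp, principal, action)
    (datetime(2023, 1, 9, 8, 0), "alice", "storage:Read"),
    (datetime(2022, 9, 1, 8, 0), "alice", "storage:Write"),  # older than the window
    (datetime(2023, 1, 9, 9, 30), "deploy-bot", "compute:Deploy"),
]


def review_entitlements(grants, audit_trail, now, window_days=90):
    """Return per-principal findings: unused grants and standing privileged grants."""
    cutoff = now - timedelta(days=window_days)
    used = {(p, a) for ts, p, a in audit_trail if cutoff <= ts <= now}
    findings = {}
    for principal, action, expires_at in grants:
        if expires_at is not None and expires_at <= now:
            continue  # grant already expired, nothing left to revoke
        entry = findings.setdefault(
            principal, {"unused": [], "standing_privileged": []}
        )
        if (principal, action) not in used:
            entry["unused"].append(action)  # candidate for removal
        if action in PRIVILEGED and expires_at is None:
            entry["standing_privileged"].append(action)  # violates ZSP
    return findings


if __name__ == "__main__":
    review = review_entitlements(GRANTS, AUDIT_TRAIL, datetime(2023, 1, 10, 9, 0))
    for who, result in review.items():
        print(who, result)
```

Unused grants are candidates for removal; standing privileged grants are candidates for conversion to temporary, on-demand access.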
Multifactor authentication (MFA) offers another layer of identity security, helping to prevent the hijacking of credentials. In many cloud environments, MFA is offered as a configurable option but is not a default setting. Organizations need to weigh the benefits of increased security against the risk of user frustration and productivity losses.
Pre-built images provide a good starting point for hardening an environment. It is vital to remember that hardening is not a one-time operation; you also need automated, continuous monitoring for drift backed by effective reporting and alerting. It is rather like an exercise log that helps you keep your fitness program on track.
However, effective change control can be a steep challenge. You need a consistent picture across all cloud systems in use, including hybrid and private clouds, as well as the traditional data center and legacy IT platforms and applications. And on top of gaining complete visibility into all changes, you need to understand whether each change was planned or unplanned, good or bad, expected or potentially malicious. Again, there are tools and technologies that can help you achieve and maintain a hardened cloud or hybrid infrastructure.
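As an added illustration (not code from the article or from any vendor tool), the sketch below compares a current configuration snapshot with a hardened baseline and labels each difference as planned or unplanned by matching it against approved change records. Resource names, settings and the approved-change set are constructed assumptions.

```python
# Constructed sample data: resources, settings and approvals are illustrative.
BASELINE = {
    "vm-web-01": {"ssh_password_auth": "no", "tls_min_version": "1.2",
                  "audit_logging": "on"},
    "bucket-logs": {"public_access": "blocked", "encryption": "aes256"},
}
CURRENT = {
    "vm-web-01": {"ssh_password_auth": "yes", "tls_min_version": "1.3",
                  "audit_logging": "on"},
    "bucket-logs": {"public_access": "blocked"},   # encryption setting vanished
    "vm-test-07": {"ssh_password_auth": "yes"},    # resource not in the baseline
}
# Approved change records: (resource, setting, approved new value).
APPROVED = {("vm-web-01", "tls_min_version", "1.3")}

MISSING = "<absent>"


def detect_drift(baseline, current, approved):
    """Compare current state to the baseline and label every difference."""
    findings = []
    for resource in sorted(set(baseline) | set(current)):
        want = baseline.get(resource, {})
        have = current.get(resource, {})
        for setting in sorted(set(want) | set(have)):
            old = want.get(setting, MISSING)
            new = have.get(setting, MISSING)
            if old == new:
                continue  # no drift for this setting
            planned = (resource, setting, new) in approved
            findings.append({
                "resource": resource,
                "setting": setting,
                "baseline": old,
                "current": new,
                "status": "planned" if planned else "unplanned",
            })
    return findings


def unplanned(findings):
    """Return (resource, setting) pairs that need investigation or alerting."""
    return [(f["resource"], f["setting"])
            for f in findings if f["status"] == "unplanned"]


if __name__ == "__main__":
    for finding in detect_drift(BASELINE, CURRENT, APPROVED):
        print(finding)
```

Run on a schedule against every environment in scope, the unplanned list is what feeds reporting and alerting; planned changes are the cue to update the baseline.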
Cloud technologies and platforms are comparatively new, so none of us have as much experience with the challenges as we do with systems like Linux and Windows. So set the alarm clock and get to the gym early — as soon as you finish your workout, there is another busy day of cloud security to get on with!