Keeping Up with Cloud Security

As cloud security continues to be a primary concern for enterprises choosing a cloud platform, automation of key processes provides CIOs and CISOs with the tools they need to avoid misconfigurations and use the cloud securely.

Security at the top

Security continues to be the primary goal of IT decision-makers when deciding on cloud platforms, according to AllCloud’s 2020 Cloud Infrastructure Report. It seems stories of enterprise data breaches often dominate headlines, and many of the associated errors can be attributed to cloud misconfigurations. In a discussion on cloud security, Gartner highlights that “the challenge exists not in the security of the cloud itself, but in the policies and technologies for security and control of the technology.”

In other words, cloud security isn’t a one-sided job; how we use the cloud securely is an often overlooked but key factor in meeting security objectives.

Using the cloud securely

Security maintenance can be approached from various angles. The CSA, for example, outlines the following four avoidable yet common visibility, reporting, and misconfiguration errors from a recent report by McAfee:

  • Unrestricted outbound access
  • Unrestricted access to non-HTTP/HTTPS ports
  • Unrestricted inbound access on uncommon ports
  • Unrestricted ICMP access

In these cases, limiting outbound traffic to specified apps and servers, while monitoring inbound access and restricting high-level ports to specified systems, can significantly lower cloud misconfiguration errors. Ensuring that services such as SSH (Secure Shell) and RDP (Remote Desktop), as well as ICMP (Internet Control Message Protocol), are not open to the internet is also a simple but important factor that can seriously affect threat risk (CSA).
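One way to automate a check for the four errors listed above, added here as an example and not taken from the CSA or McAfee material: a small Python audit over firewall rules. The rule schema, the rule names, the sample rules and the 1024 threshold for "uncommon" ports are all assumptions made for illustration.

```python
import ipaddress

WEB_PORTS = {80, 443}
HIGH_PORT_START = 1024  # assumption: "uncommon" = above the well-known port range

def is_world_open(cidr):
    """True when the CIDR matches every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit_rule(rule):
    """Return which of the four listed misconfigurations one rule exhibits."""
    if not is_world_open(rule["cidr"]):
        return []  # scoped to specific systems, as the text recommends
    if rule["direction"] == "egress":
        return ["unrestricted outbound access"]
    proto, findings = rule["protocol"], []
    if proto in ("icmp", "all"):
        findings.append("unrestricted ICMP access")
    if proto in ("tcp", "udp", "all"):
        lo, hi = (0, 65535) if proto == "all" else (rule["port_from"], rule["port_to"])
        if any(p not in WEB_PORTS for p in range(lo, hi + 1)):
            findings.append("unrestricted access to non-HTTP/HTTPS ports")
        if hi >= HIGH_PORT_START:
            findings.append("unrestricted inbound access on uncommon ports")
    return findings

def audit(rules):
    """Map rule id -> findings, omitting rules with nothing to report."""
    return {r["id"]: f for r in rules if (f := audit_rule(r))}

# Constructed sample rules (hypothetical schema, documentation address ranges).
RULES = [
    {"id": "web-in", "direction": "ingress", "protocol": "tcp",
     "port_from": 443, "port_to": 443, "cidr": "0.0.0.0/0"},
    {"id": "ssh-in", "direction": "ingress", "protocol": "tcp",
     "port_from": 22, "port_to": 22, "cidr": "0.0.0.0/0"},
    {"id": "rdp-in", "direction": "ingress", "protocol": "tcp",
     "port_from": 3389, "port_to": 3389, "cidr": "::/0"},
    {"id": "ping-in", "direction": "ingress", "protocol": "icmp", "cidr": "0.0.0.0/0"},
    {"id": "ssh-admin", "direction": "ingress", "protocol": "tcp",
     "port_from": 22, "port_to": 22, "cidr": "203.0.113.0/24"},
    {"id": "any-out", "direction": "egress", "protocol": "all", "cidr": "0.0.0.0/0"},
]

if __name__ == "__main__":
    for rule_id, findings in audit(RULES).items():
        print(rule_id, "->", "; ".join(findings))
```

Run on a schedule or in a deployment pipeline against exported rules, a check like this turns the manual review into the repeatable control the next section argues for.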

From this angle, maintaining restrictions is key in keeping control in cloud security – but what’s the best approach to proper maintenance?

Automation as a solution

Security strategist Lucy Kerner proposes enterprises “automate anything and everything they can” to maintain visibility and control of their infrastructure while lowering security risks associated with manual monitoring. Compliance and governance, for instance, are still often monitored manually, a process that becomes increasingly error-prone when dealing with hybrid systems. By automating key security controls, these processes are made repeatable, shareable, and reproducible (Kerner), lowering the risk of manual control and misconfiguration errors.

An increasing number of companies agree with Kerner. Symantec, for example, describes automation as “the key to effective DevSecOps”, which is based on the idea that security should be a part of every step in the application development process. In another example, automation in NDR (Network Detection and Response) allows the real-time monitoring of network communications for rapid threat detection (CSA). These are only some of the tools and approaches CIOs and CISOs are using to actively maintain cloud security.

Along with data and supply chain security, progress toward more automation is something all enterprises should strive for in 2020. At LeCiiR, we want you to Live Easy and securely. For questions on this topic or any others, don’t hesitate to contact us.

References

AllCloud, AllCloud reveals current and emerging trends in cloud infrastructure. January 2020.

James Woods (Symantec), Cloud, Automation and the Future of DevSecOps. October 2019.

Kasey Panetta (Smarter with Gartner), Is the Cloud Secure? October 2019.

Kevin Tatum (CSA), 4 Common Cloud Misconfiguration & What To Do About Them. November 2019.

Lucy Kerner, 4 Hybrid-cloud security challenges and how to overcome them. 2019.

Images: Pixabay

Chloé Dupuis
