Cloud Migration has raised alarms about the risks of cloud misconfigurations that can put sensitive customer data at risk
The cloud market expects growth of over 300 billion this year. With rigorous digital migration, it is not a staggering number. Cloud adoption has become a standard business model transformation, but it comes with security threats.
Early this year, CISA indicated the importance of cybersecurity to steer clear of cloud attacks. Most attacks that some companies have already witnessed stem from poor cloud hygiene with mixed computing devices in remote working environments. Cloud misconfigurations can spiral out of control and affect customers as well. According to Gartner, 90 percent of companies that do not control public cloud use will end up sharing sensitive data by 2025.
Read More Interview: Protecting wireless protocols from data breach
Even with secure applications and infrastructure, cloud misconfigurations can create vulnerabilities that differ from traditional security issues. These misconfigurations that can expose brands and their customer data to cyber-attacks will destroy a brand’s reputation.
Several companies use infrastructure as code templates to scale the building and management of applications. These cloud-native applications and practices cause misconfigurations. While incredible speed works in favor of brands, its repercussions are deemed dangerous. The misconfigurations could replicate themselves into the production environment, where sensitive data is usually stored and put everything at risk.
There was a time when misconfigurations affected limited siloed applications or environments. Today, with the greater use of such applications, misconfigurations are growing in number, and it can easily affect the entire organization. Things get worse with brands disabling the logging of cloud storage buckets. Even if a hacker identifies the misconfigurations and enters the bucket, the brand would not know which data was accessed.
Read More Interview: Protecting wireless protocols from data breach
Experts believe that the main reason for cloud misconfigurations is a hygiene-related responsibility. Some brands struggle to demarcate the duties that fall on them, their internal teams, and the cloud provider. The responsibilities go undiscussed and undocumented, and when the hammer falls, everything is already in chaos. A shared responsibility model that is transparent and maintained can limit the risks.
Considering IaaS or PaaS with its variables including network, user credentials, resource configurations, workloads, identity configurations, the responsibility falls on the cloud consumer.
Calling it a reversible trend, experts urge organizations to adopt a holistic cloud security model that addresses security hygiene and shared responsibility. Situational awareness about how teams utilize the technology and leveraging shadow IT and cloud provider APIs is imperative for C suite executives. Brands will also have to identify the most dangerous misconfigurations that can ruin their business and set a protocol to prevent their existence automatically. A fixed template and controlled practices will automate cloud protection.
Regardless of the brand and the cloud provider’s responsibilities, cloud adoption is such a technology where accountability is not black and white. No matter where discrepancies occur – the brand or the cloud provider – consumers will always somehow be responsible.
Gartner reveals that by 2025, 99 percent of cloud security failures will be the customer’s responsibility. Nevertheless, the protection of data and reputation is enough reason for brands to take the necessary steps in adopting a holistic cloud security model and contain cloud misconfigurations.
For more such updates follow us on Google News ITsecuritywire News.
