Security leaders across the world choose cloud platforms for their higher data security compared with on-premises databases
The start of the pandemic saw increased reporting of data breaches at enterprises across the world. Cloud platforms were attacked as well, because of misconfigured servers. Such errors were attributed to human issues.
Employees are setting up cloud servers with weak or no credentials and pushing them to production without strengthening their security. Other shortcomings include not patching software when vulnerabilities are detected and failing to involve the IT department in evaluating the completed production app to ensure the highest level of security.
Several of these issues are most often due to human oversight, which results in misconfigured servers.
Not securing storage containers
Security leaders point out that it’s common to discover data caches across open cloud servers. These can contain all sorts of sensitive data about clients, employees, and organizations.
At times, even security resellers' platforms are known to leave files open in cloud data containers. Such open storage containers result from developers not following proper protocols when creating them. Cloud storage is generally inexpensive, which has led to its proliferation over the last couple of years.
CIOs suggest that enterprises monitor domains using discovery tools like BinaryEdge.io and Shodan.io. Segmentation of cloud servers is critical; this can be done using Virtual Networks or Virtual Private Clouds, provided by known cloud vendors like AWS and Azure.
No protection for applications
Network firewalls are not helpful for the protection and monitoring of web servers. The pandemic saw attacks on web applications increase two-fold. A conventional website runs dozens of software components and tools. Applications are interlinked in a complex manner with various products that connect across many services and servers. WordPress was among the software identified as being the most vulnerable.
A web application firewall may provide the much-sought-after respite. Organizations using Office 365 or Azure should consider using Microsoft’s Defender Application Guards to identify threats and keep malware from encroaching on the infrastructure.
Non-deployment of MFA
Enterprises have been known to run into complexities when deploying MFA and, as a result, have ended up using only SMS-based multi-factor authentication or none at all. Many cloud applications are devoid of any MFA; this includes the admin accounts too. Typical communication apps like Disqus, Yammer, and Crashplan are not compatible with extra authentication measures.
Commercial apps with no MFA can’t be rectified; however, enterprise SaaS applications can be protected with Authy’s or Google’s authenticator apps. It’s advised to continually monitor the Azure AD global administrator roles for suspicious changes as well.
Being unaware of access rights and leaving ports open
Access rights monitoring has two issues. Firstly, most IT shops tend to deploy all Windows endpoints with administrative rights. This is not exclusively a cloud liability; however, cloud-based virtual containers and machines can end up having too many administrators. Sharing a common admin password should be avoided. Secondly, most security devices can’t identify common privilege escalation attacks on the enterprise network.
CIOs say that employees need to be trained on turning off legacy and redundant ports to reduce the attack surface. They should be discouraged from using FTP to reach the cloud servers. This could be one of the most significant ways to secure the cloud!
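One way to review firewall rules for the legacy ports discussed above, as an added example that is not part of the original article. The rule format, server names, and the choice of Telnet and TFTP alongside FTP are assumptions made for illustration; the sample rules are constructed.

```python
import ipaddress

# Assumption: the article names only FTP; Telnet and TFTP are added as examples.
LEGACY_PORTS = {("tcp", 21): "FTP", ("tcp", 23): "Telnet", ("udp", 69): "TFTP"}

# Constructed sample ingress rules in a simplified, vendor-neutral shape.
SAMPLE_RULES = [
    {"server": "web-prod", "proto": "tcp", "ports": "443", "source": "0.0.0.0/0"},
    {"server": "web-prod", "proto": "tcp", "ports": "20-21", "source": "0.0.0.0/0"},
    {"server": "build-01", "proto": "tcp", "ports": "21", "source": "10.20.0.0/16"},
    {"server": "legacy-db", "proto": "tcp", "ports": "0-65535", "source": "::/0"},
    {"server": "files-01", "proto": "tcp", "ports": "23", "source": "203.0.113.0/24"},
]


def parse_ports(spec):
    """Return (low, high) for a single port '21' or a range '20-21'."""
    low, _, high = spec.partition("-")
    return int(low), int(high or low)


def audit(rules):
    """Return (server, port, service, severity) for every reachable legacy port."""
    findings = []
    for rule in rules:
        low, high = parse_ports(rule["ports"])
        # A /0 source (0.0.0.0/0 or ::/0) means the port is open to any address.
        world = ipaddress.ip_network(rule["source"], strict=False).prefixlen == 0
        for (proto, port), service in sorted(LEGACY_PORTS.items()):
            if rule["proto"] in (proto, "all") and low <= port <= high:
                severity = "high" if world else "medium"
                findings.append((rule["server"], port, service, severity))
    return findings


if __name__ == "__main__":
    for server, port, service, severity in audit(SAMPLE_RULES):
        print(f"{severity:6} {server:10} {service} ({port}) is reachable")
```

Wide port ranges are the case that manual reviews tend to miss: the `0-65535` rule exposes FTP and Telnet even though neither port is named in it.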