The Top Cloud Security Threat Comes from Within

One of the biggest cloud security threats your company faces isn’t malicious. In fact, it originates from inside your IT organization.

Accidental misconfigurations pose one of the leading security vulnerabilities IT organizations contend with in the cloud. According to a recent study, 79% of companies had experienced a cloud data breach in the past 18 months—and 67% of respondents had identified security misconfiguration as the top security threat.

Despite incredible advances in cloud security, misconfigurations tend to happen more often in the cloud than on-premises, leading to leaked data, service disruptions, and other costly troubles. This article explores some of the most common misconfiguration risks and how you can address them to tighten up cloud security.

Why misconfigurations happen

Misconfigurations occur for various reasons. Although today’s cloud is more secure than ever, it also has more settings and protocols to be aware of, especially in a multi-tenant environment. Simple oversights such as not ticking a box can have major repercussions. In fact, Gartner estimates 99% of cloud security failures will be the customer’s fault—at least through 2025. 

One reason is that, as data and workloads shift to the cloud, necessary skillsets become much more specialized. Most established IT professionals have far more experience with on-premises security and much less experience and training in the cloud, increasing the chances of accidental misconfiguration. Meanwhile, while newer, less-tenured staff may be more accustomed to publishing data to the cloud, they’re not necessarily accustomed to dealing with security, leading to configuration missteps.

Furthermore, when data and workloads reside on-premises, a firewall provides an extra layer of protection. So even when a setting gets misconfigured, there’s a lower chance of exposure outside the firewall. But if something gets misconfigured in the cloud, the risk is much higher.

Common cloud misconfiguration gotchas

As with many things, prevention begins with awareness. Be on the lookout for these common cloud misconfiguration gotchas.

Overly permissive access privileges

Overly permissive access policies and privileges enable expanded access to far more assets than needed. You may think user credentials are limited only to find out later that they were unlimited.

Storage misconfiguration

Misconfiguration opportunities abound when it comes to cloud storage. Confidential or regulated assets can inadvertently get mislabeled and find their way to external audiences. Furthermore, weak encryption can further expose assets.

Insufficient or misconfigured logging and monitoring

Monitoring and logging play a foundational security role in threat detection and mitigation. When monitoring and logging are compromised, it makes it difficult to detect events and changes and where they originated.  

Not securing inbound and outbound ports

Ports provide opportunities for bad actors. Minimizing unnecessary inbound and outbound ports is half the battle. Restricting access is the other half.

Default system credentials

If a new server is spun up and it doesn’t have a default credential, it may have all-encompassing access. Ensure all systems have default credentials.

Development settings in production

Imagine making changes in development, only to log off and realize you were in production, potentially breaking the application or locking users out. Misconfigured development settings are often the culprit in such scenarios.

Minimizing misconfiguration risk

In addition to awareness, organizations can enhance security practices and policies to help minimize misconfigurations. This includes ensuring clear infrastructure visibility as well as implementing strategies such as automation, targeted training, and regular security audits.

To eliminate many of the traditional misconfiguration concerns of the public cloud, consider leveraging HPE GreenLake in a privatized custom-built cloud, either on-premises or in the cloud. Furthermore, HPE GreenLake Management Services provides managed security services including security monitoring, privileged access management, vulnerability management, and security hardening.

GDT can help your organization make the most of HPE solutions to improve your cloud security posture. Contact the security experts at GDT to learn more.