BlogCloud (Mis)Configurations Expose Security Risks

Interesting article from Data Center Knowledge. It’s a known issue in IT and ASG can fix the problem in a heartbeat with Dome9 from Check Point Software Technologies.

From the article:

Despite a great deal of attention to the problem, cloud configuration continues to be a major issue. When data and applications are moved from on-prem environments to the cloud, proper access controls don’t always follow.

Last month, online job site Ladders exposed more than 13 million user records it was hosting on Amazon Web Services’ cloud. The reason? Misconfigured access controls on their instance of AWS Elasticsearch Service. In May, security researchers at UpGuard reported that data of more than 500 million Facebook users was exposed by third parties storing the information in unprotected Amazon S3 buckets.  

According to a report released last month by the SANS Institute, 31% of organizations reported unauthorized access by outsiders into cloud environments or cloud assets, up from 19% in 2017. While the leading vector for these attacks was credential hijacking, poor configuration was in second place. These poor configurations aren’t just about databases open to public access. Other cloud systems, like container management platforms, are also popular targets. 

Needless to say, but these vulnerabilities and exposures are becoming problematic and with the growth of cloud computing, they are proliferating. The article continues…

According to an Attivo survey of security professionals conducted late last year, the cloud attack surface was the single greatest threat to enterprises. And a survey released earlier this year by Kansas-based security vendor Firemon revealed that 60% of those surveyed said their cloud deployments have accelerated past their ability to secure them.

Mark here:

The Dome9 Arc agentless SaaS platform delivers full visibility and control of security and compliance in AWS, Azure and Google Cloud environments. It can minimize your attack surface and protect against these mis-configuration vulnerabilities.

By looking at your assets and security configurations across clouds, Dome9 understands and controls security of your cloud assets. Not only does it protect against identity theft and stolen credentials, but it speeds up compliance testing and reporting, prevents security configuration drift. By using Dome9, you can now visualize and assess your security posture, detect misconfigurations, model and actively enforce security best practices. What’s not to like?

Have questions, or need a consultation? We’re happy to chat. Contact us today!

About the Author

Mark Teter, Corporate Technologist

Mark Teter, Corporate Technologist

In his role, Mark is responsible for the strategic direction of ASG’s emerging technology offerings and advancing the deployment of present-day hybrid cloud solutions for our customers. Mark has served as Faculty Staff Member at Colorado State University and has written over 50 white papers on subjects including Data Center Ethernet, Linux and Open Source, Storage Area Networks and Computer Virtualization. He published Paradigm Shift in 2006, a book on emerging technologies. He is a Google Certified Professional Cloud Architect.