Knowledge of cloud configuration is vital
One in three IT professionals believe that cloud security is the responsibility of their selected cloud provider, while a further 65 percent of IT teams underestimate the real damage that a cloud security incident can cause.
This is according to the 2019 security report by Tel Aviv-based cybersecurity company Check Point, which also notes that cloud services are vulnerable to three main security issues: account hijacks, malware delivery and data leaks.
Most importantly, how these vulnerabilities should be mitigated is in question by some IT professionals, with Check Point finding: “Misconceptions about the levels of security needed, along with a lack of understanding regarding the responsibility for that security, are common. This leaves the door wide open to breaches.”
Misconfiguration of the cloud is consider to be the highest security threat by 62 percent of IT professionals when they are working with public clouds. (Last year McAfee reported that they had identified over 2000 misconfiguration incidents per month, all of which left enterprise data in a vulnerable state.)
In January this year, meanwhile, it was discovered that cloud security specialists Rubrik had suffered a major security breach after a misconfigured server revealed confidential client contact and configuration data, including data belonging to the NHS and the US’s Department of Homeland Security.
Do You Know What Your Provider’s Shared Responsibility Model Is?
Many cloud service and infrastructure providers operate on what is known as a shared responsibility model. While the specifics of this mutual agreement differ for each company, it is generally considered that the cloud provider is responsible for the security of their own cloud infrastructure, while the customer is in charge of the security of their data in the cloud.
This is the understanding that the provider will manage and control certain elements such as the hosting infrastructure of the cloud and the virtualization layer of the software. Cloud providers are also of course responsible for the actual physical security of the cloud infrastructure.
AWS Shared Responsibility Model
Using AWS as an example, its customers operate under Amazon’s shared responsibility model in which they are responsible for the configuration and management task that accompany services such as Amazon Elastic Compute Cloud and Amazon Virtual Private Cloud.
“If a customer deploys an Amazon EC2 instance, they are responsible for management of the guest operating system (including updates and security patches), any application software or utilities installed by the customer on the instances, and the configuration of the AWS-provided firewall (called a security group) on each instance,” AWS have stated.
In order to be fully secure when using cloud services on cloud provider’s infrastructure, it is vitally important that IT departments are fully aware of what their key obligations are; systems are only ever secure if they are configured properly.
Security and the cloud will continue to be a battle in which neither side is allowed time to rest as Check Point comments in their report: “As time passes, threats to the cloud will continue to evolve. Attackers will continue to develop more and more tools for their cloud playground, pushing the limits of the public cloud services. Indeed, as new cloud exploitations emerge, there is no doubt that the next attack is already taking place.”