Industry Insights at 7Clouds® Stay Connected with Industry Trends, Tips and News

As cloud security continues to be a primary concern for enterprises choosing a cloud platform, automation of key processes provides CIOs and CISOs with the tools they need to avoid misconfigurations and use the cloud securely.

Security at the top

AllCloud’s 2020 Cloud Infrastructure Report highlights security as the continued primary goal of IT decision-makers when deciding on cloud platforms, with good reason. Enterprise data breaches consistently dominate headlines,  causing errors which can most often be attributed to cloud misconfigurations. As Gartner explains, “the challenge exists not in the security of the cloud itself, but in the policies and technologies for security and control of the technology.”

In other words, cloud security isn’t a one-sided job; how we use the cloud securely is an often overlooked, but key factor to meeting security objectives.

Using the cloud securely

Security maintenance can be approached from various angles. The CSA, for example, finds the following four avoidable, yet common visibility, reporting, and misconfiguration errors from a recent report by McAfee:

• Unrestricted outbound access
  
  
• Unrestricted access to non-HTTP/HTTPS ports
  
  
• Unrestricted inbound access on uncommon ports
  
  
• Unrestricted ICMP access

In these cases, limiting outbound traffic to specified apps and servers, while monitoring inbound access to restrict high-level ports to specified systems can significantly lower cloud misconfiguration errors. Ensuring services such as SSH (Secure Shell), RDP (Remote Desktop), as well as ICMP (Internet Control Message Protocol) are not open to the internet is also a simple, but important factor that can seriously affect threat risk.

From this angle, maintaining restrictions is key in keeping control in cloud security – but what’s the best approach to proper maintenance?

Automation as a solution

Security strategist Lucy Kerner proposes enterprises “automate anything and everything they can” to maintain visibility and control of their infrastructure while lowering security risks associated with manual monitoring. Compliance and governance, for instance, are still often monitored manually, a process that becomes increasingly error-prone when dealing with hybrid systems. By automating key security controls, these processes are made repeatable, shareable, and reproducible, thereby lowering the risk of manual control and misconfigurations errors.

Similarly, Symantec describes automation as “the key to effective DevSecOps”, which is based on the idea that security should be a part of every step in the application development process. For example, automation in NDR (Network Detection and Response) allows the real-time monitoring of network communications for rapid threat detection. These are only some of the tools and approaches CIOs and CISOs are making to actively maintain cloud security, but advances in automation is something all enterprises should strive for more of in 2020.

7Clouds - Contact us today to discuss cloud security options and set your business up with our secure cloud services.

References

AllCloud, AllCloud reveals current and emerging trends in cloud infrastructure. January 2020.
James Woods (Symantec), Cloud, Automation and the Future of DevSecOps. October 2019.
Kasey Panetta (Smarter with Gartner), Is the Cloud Secure? October 2019.
Kevin Tatum (CSA), 4 Common Cloud Misconfiguration & What To Do About Them. November 2019.
Lucy Kerner, 4 Hybrid-cloud security challenges and how to overcome them. 2019.
Images: Pixabay