Are Cloud Infrastructures More Susceptible to Security Breaches?

“The cloud services companies of all sizes. The cloud is for everyone; the cloud is a democracy”

Marc Benioff
Founder, CEO-Salesforce

State of Cloud Security 2021- More Aware Yet More Exposed

Undoubtedly, cloud computing is one of the fastest evolving technologies shaping the present and future of businesses across all verticals. Companies are embracing the cloud infrastructure for a gamut of reasons, including –

  • Lower IT costs
  • Easy IT maintenance and upgrade
  • Improved scalability
  • Faster time to market

Companies are aggressively investing in the cloud infrastructure. A recent survey by Gartner forecasts that the global investment in public cloud infrastructure would exceed USD 480 billion by 2022. It implies that companies are vulnerable to various cyber security breaches such as security misconfiguration, lack of visibility into access, and improper IAM and permission configurations.

One of the latest examples of security misconfiguration is when Microsoft’s internal customer support database and user analytics were accidentally exposed online. The company dug deep into the issue and found misconfigured Azure security rules to be the reason for the same.

Larger the Size of Cloud, Higher the Susceptibility to Security Breaches

A look into the recent IDC state of cloud survey of 2021 indicates that almost 98% of companies that participated in the survey got hit by at least one cloud security breach.

The survey also indicates that while SaaS continued to enjoy the lion’s share of the overall public cloud services market, the impact of Covid-19 forced many enterprises to invest in Infrastructure as a Service (IaaS) to improve their business resiliency.

This shift to IaaS has made companies understand that cloud infrastructure security is a serious threat and requires a different approach. The larger the company, the more it will be investing in cloud infrastructure, increasing the chance of exposing itself more to cloud security breaches.

So, does it mean small and medium-sized businesses are immune to such miscreants? This cybersecurity myth is false, as cybercriminals often attack any cloud infrastructure that lacks proper & advanced security software and skilled security teams.

The Canalys’ cybersecurity review highlights that in 2020, companies that suffered data breaches increased by 119%.

One of the driving factors for this staggering increase is the unfortunate Covid-19 pandemic that swept the globe. It resulted in the need to create secure remote access to a company’s IT resources.

“Cybersecurity must be front and centre of digital plans; otherwise, there will be a mass extinction of organisations, which will threaten the post-COVID-19 economic recovery.”

MATTHEW BALL,
Chief Analyst, CANALYS

Cloud Infrastructure Spending by Company Size

Buoyed by the urgency to meet the digital transformation, companies are now investing in cybersecurity. According to Statista, cloud IT infrastructure spending may reach 74.3 billion U.S. dollars by 2021, and public cloud infrastructure will become a key driver of cyber spending.

It has made the cybersecurity market one of the fastest-growing sectors in the IT industry, with an anticipated cumulative increase of 75 trillion USD for the five years from 2021 to 2025.

Exposure to Sensitive Data Leaks by Cloud Footprint

Companies with higher cloud footprint are more susceptible to sensitive data leaks due to:

a. Human Error

Sometimes it can be humanly impossible to understand the security features of cloud infrastructure. It causes human errors like unintentional public access to a company’s critical data.

b. Improper Handling of IAM

Identity and Access Management (IAM) allows companies to manage users and permissions. As the cloud footprint increases, there are more chances of mishandling the IAM, leading to sensitive data leaks.

Watch Out for Those Third Parties

The investment in the cloud comes as a measure to counterattack various cybersecurity threats related to cloud infrastructures like:

Insecure APIs

Gartner’s 2022 report estimates that insecure API would be the most frequent reason for infrastructure attacks that involve enterprise data. The insecure APIs grant easy and unauthorised access to the stakeholders, business partners, and external staff into the cloud infrastructure.

Lack of Visibility

In a multi-tenanted ecosystem, the business may lack visibility in the cloud due to privacy concerns. It results in poor application and network performance and increases the masked security threats. Lack of proper visibility also implies that companies no longer have a holistic idea about access permissions.

SaaS Security

Top Cloud Security Priorities

As companies focus on creating larger digital ecosystems with applications to facilitate cross-company business processes, cyber security remains a cause of concern for the CIOs.

The top 3 cyber security priorities for CIOs are:

1. Compliance Monitoring

The data stored/processed/transferred in the cloud must comply with the internal policies and legal obligations. Companies now focus on stringent rules to ensure their public cloud meets the security governance, privacy, and data protection compliance rules.

2. Access Control Risk

The concerns over using authentication mechanisms to access cloud applications take centre stage. Questions like ‘Who manages user access?’, ‘Is the access limited?’ and so on need answers. CIOs constantly try to find the optimum solutions that ensure cybersecurity at its best.

3. Data Privacy

Addressing data privacy issues is another main concern among CIOs. Data breaches create an irreversible dent in the company’s reputation among its stakeholders.

Cloud Data Breaches Often Begin with Unauthorised Access

Cloud access-related threats are one of the major causes of cloud data breaches. A source concluded that 83% of its respondents experienced at least one cloud data breach due to unauthorised access.

The survey also found a striking relationship between the company size and its exposure to cloud data breaches due to unauthorised access. Enterprises with over 20,000 employees experienced at least 38% cloud data breaches due to unauthorised access. It is because more employees require more cloud resources. It increases the exposure to access-related cyber risks.

Cloud Governance Challenges

When it comes to cloud infrastructure security, cloud governance plays a crucial role. The term cloud governance refers to a decision-making process based on a set of rules that applies to cloud computing services.

An optimum cloud governance solution considers the needs of people, processes, and technology. It also leverages the cloud computing capability of the company. The best cloud governance practice ensures that the operations team works efficiently, the risk and compliance team does their jobs securely while the company reaps financial benefits and distributes widely among their stakeholders.

But why is cloud governance important?

Cloud infrastructure governance adds significant value to the business by:

a. Offering easy and reliable cloud resource management

Companies are no longer interested in using a single cloud workload. Rather, the latest trend indicates a shift towards multi-tenant workload, where different cloud workloads are managed by more than one account. Optimum cloud governance imparts precise security and helps limit the financial security breach. It allows companies to deliver proper access and control to cloud workloads.

b. Reducing the risk of shadow IT

Shadow IT is perhaps the silent killer of an organisation. Lack of knowledge about the available system is usually the reason for the same. A delay in handing over the resources can turn to shadow IT. Cloud governance helps lay down a perfect framework with guidelines to request and access cloud resources quickly.

c. Reducing manual labour

Cloud governance also reduces the dependency on spreadsheets or manual processes to track company performance. Cloud governance sets the ground rules to control access to the data concerning the application. It also sets follow-up actions. Companies using manual entry systems are more prone to cyber security threats. Implementing the best practices saves time and effort, preventing non-compliant activities and budget overruns.

Top Drivers for Governing Cloud Infrastructure Access Permissions

These were the general benefits cloud governance can offer. When it comes to cloud infrastructure, the top reasons that drive businesses to govern cloud infrastructure access permissions are:

  • Adherence to regulatory compliance.
  • Empowering employees with access to IT resources to the point that it is beneficial for them to work seamlessly and efficiently.
  • Prevent confidential, sensitive data from external attacks and unauthorised data access. 
  • Prevent confidential data from internal threats like shadow IT.

Top Use Cases for Managing Cloud Identities and Entitlements

Cloud identity and entitlement management solutions are the need of the hour. According to Gartner, cloud-based identity security products will replace at least 75% of existing software-delivered identity governance by 2022. It provides next-generation solutions to manage permissions and entitlements in the cloud. It is required to address the limitations of existing IAM solutions and is the need for cloud-native identity-centric solutions.

Some of the top use cases of cloud identity and entitlement management are:

1. Single Sign-in

Single sign-on reduces the hassles of maintaining several passwords to access enterprise resources on the cloud. It helps improve the visibility to offer permissions to access the authorised enterprise resources.

2. Centralised console for provisioning/de-provisioning of identities

The centralised console gives a single sheet view of all the provisioned, over-provisioned, and privileged identities. It also allows easy de-provision identities of ex-users. This reduces the risks associated with ghost accounts.

3. Evaluation of permissions and access attempts

You can also monitor the activities such as access attempts and review periodic policies for specific concerns like separation of duties.

4. Detection of unauthorised access

Provisioning cloud services to various users involves a 360-degree control, from account registration to revocation. It sends alerts to the concerned admin in case of any unauthorised identity access to the cloud resources.

Why Invest in Cloud Access Management?

Embracing cloud technology means organisations need cloud identities and access control for a secure cloud operation. It implies existing difficulty in governing access permissions for the gamut of the machine and human identities. These include:

  • Keeping track of the user activity.
  • Evaluating risks such as ghost accounts and shadow IT.
  • Defining cloud policies and access permissions.

As the cloud accounts for big data sets, the chances for human error and the subsequent threat of cyber security breaches is high. Therefore, companies must invest in automation and advanced analytics systems. It reduces the security breach risks and time invested in managing cloud access permissions and identities.

The time spent dealing with Cloud IAM significantly reduces with proper cloud security posture management. It has fueled the CSPM market, which is expected to increase at a CAGR rate of 14.4% during the 2020-2026 forecast period.

CSPM provides optimal solutions to create an infrastructure immune to security breaches due to cloud misconfigurations, lack of visibility, and other infrastructure security issues.

Shared Responsibility Model – Does it Work?

As companies realise the importance of cloud security posture, many are turning to various shared responsibility models for cloud security. Here, cyber security responsibilities are shared between the provider and the company. When the two parties define responsibilities, it reduces the vulnerability of public, hybrid, and multi-cloud security breaches.

However, the downside to this model is that companies might face challenges in creating an optimal responsibility distribution that would generate the best results. Lack of clarity and miscommunication can threaten cyber security posture, thereby increasing the vulnerability to security breaches.

Challenges in Implementing Least Privilege

The least privilege is the practice that restricts access rights for particular cloud identities. It aims to restrict the cloud identities to use the resources required to perform their assigned task. It could be a human user or a machine identity. In other words, it means enforcing the minimum level of user rights to a particular identity.

It reduces the threats posed by privileged accounts such as:

  • Permission to access critical data and systems.
  • Quick access to domain controllers.
  • Theft of valuable and sensitive data.

However, implementing the least privilege is an uphill task. Some of the common challenges that organisations face while doing so are:

  • Limiting users to customise permissions requires a deep understanding of human and machine identities.
  • Prevalent use of legacy systems that fail to detect various user identities.
  • Increase in lack of visibility into cloud infrastructure, if not implemented correctly.
  • Uniform access to manage different users.
  • Lack of expertise.

Conclusion

“Cloud computing is a security challenge, but one that can be overcome.”

Whitfield Diffie
American cryptographer, a pioneer of public-key cryptography

In the post-pandemic world, companies are adopting cloud infrastructure in the race to achieve digital transformation and business resilience.

However, a misconfigured cloud infrastructure leaves the companies open to security breaches. Therefore, the need for efficient solutions focused on cloud security posture to resist such cyber security breaches are in demand, which unify visibility and control over many cloud identities and stakeholders.

Also Read: Why Future of Cybersecurity lies in Cloud Computing

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!