Cloud computing trends

by Mark Rowe

The average business has about 14 improperly configured IaaS (Infrastructure as a Service) instances running at any time, and roughly one in every 20 AWS (Amazon Web Services) S3 buckets is left open to the public internet, according to a ‘cloud computing trends’ report published by IT security product company McAfee. Researchers estimate that roughly 5.5 per cent of all AWS S3 storage instances are in a “world read” setting, allowing anyone who knows the address of the S3 bucket to see its contents.

Security incidents are no longer isolated to PCs and applications on the network, owing primarily to the scale of corporate data stored in the cloud as well as the sheer number of events taking place in the cloud. Most organisations (78pc) are using AWS and Azure together, typically as an official multi-cloud strategy, while AWS leads with 94pc of all access events.

Most companies (92pc) have cloud credentials for sale on the Dark Web. The report advises that two categories of sharing should raise red flags: sharing with personal email addresses, and sharing by generating an open link that anyone can access. The latter can lead to uncontrollable sprawl of your data to unknown places.

Comment

Steve Smith, Senior Site Reliability Engineer and AWS Team Lead at IT infrastructure firm Claranet, said: “The cloud security challenges highlighted in this report have little to do with the platform itself, but everything to do with the people using it and, in our experience, people are the biggest weakness here. The major cloud providers like AWS set a lot of sensible defaults designed to support configuration – for example, S3 buckets are now private by default – but unfortunately, it’s very easy to get things wrong if you don’t know how to use the platform.

“We’ve seen many AWS configurations that end-user businesses have developed themselves or have worked with partners that don’t have the right experience, and, frankly, the configurations can be all over the place. When internal IT teams create these environments themselves, mistakes can occur when they don’t have the depth of knowledge or experience to follow best practice.

“A click of a button or slight configuration change can have a major impact on your security posture, so it’s important to get a firm grip of the access controls and have safeguards in place to catch mistakes before they hit the production environment.

“Developing infrastructure as code – effectively, templated scripts that will create infrastructure in any public cloud environment – helps here because it makes it more difficult for mistakes to occur. Any changes in the code need to be peer-reviewed in the development lifecycle, making it much less likely that errors will make it out to the production environment and ensuring that any changes can be tracked and audited. In addition, it’s also good practice to run that code from a centralised location – some kind of CICD server for example – so that only that machine can make configurations and that there’s no way to make changes manually.”
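As an added illustration of the kind of safeguard described above (not code from the report or from Claranet), the following check could run in a CI job against an infrastructure-as-code template and fail the build when a bucket would be created world-readable. It assumes the template is AWS CloudFormation, already parsed into a Python dict; the function names and the sample template are constructed for this example.

```python
import sys

PUBLIC_ACLS = {"PublicRead", "PublicReadWrite"}
PAB_KEYS = ("BlockPublicAcls", "BlockPublicPolicy",
            "IgnorePublicAcls", "RestrictPublicBuckets")

def _any_principal(principal):
    """True when a policy statement's Principal matches everyone."""
    if isinstance(principal, dict):
        principal = principal.get("AWS")
    return principal == "*" or (isinstance(principal, list) and "*" in principal)

def find_public_buckets(template):
    """Return sorted (logical_id, reason) findings for a parsed template."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::S3::Bucket":
            acl = props.get("AccessControl")
            if acl in PUBLIC_ACLS:
                findings.append((name, f"public ACL {acl}"))
            pab = props.get("PublicAccessBlockConfiguration", {})
            # CloudFormation JSON may carry booleans as true or "true".
            off = [k for k in PAB_KEYS if str(pab.get(k)).lower() != "true"]
            if off:
                findings.append((name, "public access block off: " + ", ".join(off)))
        elif res.get("Type") == "AWS::S3::BucketPolicy":
            stmts = props.get("PolicyDocument", {}).get("Statement", [])
            for st in stmts if isinstance(stmts, list) else [stmts]:
                if (st.get("Effect") == "Allow" and "Condition" not in st
                        and _any_principal(st.get("Principal"))):
                    findings.append((name, "policy allows any principal"))
    return sorted(findings)

# Constructed sample template (not from the report): one locked-down bucket,
# one world-readable bucket, and a policy that grants read to everyone.
SAMPLE = {"Resources": {
    "LogsBucket": {"Type": "AWS::S3::Bucket", "Properties": {
        "PublicAccessBlockConfiguration": {k: True for k in PAB_KEYS}}},
    "AssetsBucket": {"Type": "AWS::S3::Bucket",
                     "Properties": {"AccessControl": "PublicRead"}},
    "AssetsPolicy": {"Type": "AWS::S3::BucketPolicy", "Properties": {
        "Bucket": {"Ref": "AssetsBucket"},
        "PolicyDocument": {"Statement": [{
            "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::example-assets/*"}]}}},
}}

if __name__ == "__main__":
    results = find_public_buckets(SAMPLE)
    for logical_id, reason in results:
        print(f"{logical_id}: {reason}")
    sys.exit(1 if results else 0)  # non-zero exit fails the CI job
```

Statements that carry a `Condition` are skipped here and would need manual review, since a condition may or may not narrow access enough.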

© 2024 Professional Security Magazine. All rights reserved.
