424%

A historic 424 percent jump in breaches related to misconfigured cloud infrastructure, largely due to human error. -IBM, 2018
Human error is the no. 1 reason data gets lost in the cloud. A recent IBM study uncovered a shocking 424% increase year over year in breaches related to misconfigured cloud infrastructure, and it suggests things will only get worse from here. Take, for example, the FedEx breach in February 2018: thousands of sets of user data got stolen, including passports, social security numbers, and credit card data. How did it happen? A simple misconfiguration in Amazon S3, one of AWS's storage options.

Why is the cloud so vulnerable to human error?

Almost no breach involves a fault of the public cloud vendors, and they keep repeating two messages: first, their cloud infrastructure is secure; second, customers are responsible for their data. The second part seems to be the root of the problem. The job market for public cloud experts is currently red hot, and combined with a cybersecurity workforce shortage of an estimated 3.5 million experts by 2021, it isn't easy to find one of those unicorns who feel at home in the public cloud and are also security experts. “Put simply, cloud technology is a victim of its own success,” said Will Venters, assistant professor of information systems at LSE.

Everything is online

Misconfiguration happens everywhere, and probably more often than you would assume, but in a traditional data center environment it might not be so apparent when small mistakes happen. In the public cloud, on the other hand, everything is an online endpoint and is addressable over the public internet. Storage, servers, and databases all have online access, which of course can be restricted by proper configuration.

How to stop human error?

It is hard, if not impossible, to stop human error entirely, so the least you can do is try to prevent mistakes or remediate them after they occur. So where to start? You can break it down into three main domains:

Visibility

What you can’t see, you can’t fight. Prioritize complete visibility into your cloud environment first, because all future steps rely on visibility. Think of these questions:
  • Who has which grade of access to which resources?
  • What does my infrastructure look like?
  • Are there unused resources in my network?

Security

You are responsible for your data in the cloud, so make sure to get every department onboard to work on accepted security standards for everyone.
  • Review the Shared Responsibility Model
  • Work with all departments from security to development to implement clear guidelines
  • Train and certify your employees; human error is often the result of a lack of skill

Monitoring

Securing your cloud once and moving on doesn’t work. With DevOps and continuous delivery, it becomes clear that there has to be a process for real-time monitoring:
  • Use onboard tools like AWS Trusted Advisor or Azure Security Center
  • Implement a third party tool that monitors multi-cloud environments and multiple accounts
  • Have remediation steps defined and define an owner who is responsible for the monitoring
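
As an added example (not from the original post), here is a small Python check for the kind of S3 misconfiguration mentioned above, run over constructed bucket snapshots. The snapshot layout, bucket names and the owner field are assumptions made for illustration; the Block Public Access keys and the ACL group URIs are the ones S3 itself uses.

```python
import json

# ACL grantee URIs that S3 uses for "everyone" and "any AWS account holder".
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")


def audit_bucket(snapshot):
    """Return findings for one bucket snapshot (hypothetical record layout)."""
    findings = []
    pab = snapshot.get("public_access_block") or {}
    missing = [k for k in PAB_KEYS if not pab.get(k)]
    if missing:
        findings.append("public access block incomplete: " + ", ".join(missing))
    # Grants to the global groups expose the bucket unless S3 is told to ignore public ACLs.
    for grant in snapshot.get("acl_grants", []):
        uri = grant.get("Grantee", {}).get("URI")
        if uri in PUBLIC_GROUPS and not pab.get("IgnorePublicAcls"):
            findings.append("ACL grants %s to a public group" % grant.get("Permission"))
    # Allow + wildcard principal + no Condition is open to anyone; a statement
    # with a Condition is treated as restricted here, which is a simplification.
    policy = json.loads(snapshot.get("policy") or '{"Statement": []}')
    statements = policy.get("Statement", [])
    for stmt in [statements] if isinstance(statements, dict) else statements:
        principal = stmt.get("Principal")
        wildcard = principal == "*" or (
            isinstance(principal, dict) and principal.get("AWS") in ("*", ["*"]))
        if (stmt.get("Effect") == "Allow" and wildcard and not stmt.get("Condition")
                and not pab.get("RestrictPublicBuckets")):
            findings.append("policy allows %s to any principal" % stmt.get("Action"))
    # A finding nobody owns does not get remediated.
    if findings and not snapshot.get("owner"):
        findings.append("no owner recorded for remediation")
    return findings


# Constructed sample snapshots; names, owners and policies are made up.
ALL_ON = {k: True for k in PAB_KEYS}
OPEN_READ = json.dumps({"Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject"}]})
SAMPLE_BUCKETS = [
    {"name": "example-public-uploads", "owner": None, "public_access_block": None,
     "acl_grants": [{"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
                     "Permission": "READ"}], "policy": None},
    {"name": "example-locked-reports", "owner": "data-team", "public_access_block": ALL_ON,
     "acl_grants": [], "policy": OPEN_READ},
]

if __name__ == "__main__":
    for bucket in SAMPLE_BUCKETS:
        print(bucket["name"], audit_bucket(bucket) or "ok")
```

In a real account the snapshots would be filled from the provider's API or a configuration export, and the check would run on a schedule with findings routed to the recorded owner.
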

Around these basic pillars, you can start developing and implementing your own cloud security approach. Education is needed on all levels; you and everyone else in the organization are responsible for transferring knowledge to prevent human error. If you would like to get certified on AWS or do some hands-on labs have a look here.

Edwin
