A historic 424 percent jump in breaches related to misconfigured cloud infrastructure, largely due to human error. -IBM, 2018
Why is the cloud so vulnerable to human error?
Almost no breach involves a fault on the part of the public cloud vendors, and the vendors keep repeating two messages: first, their cloud infrastructure is secure, and second, customers are responsible for their data. The second part seems to be the root of the problem. The job market for public cloud experts is red hot, and combined with a cybersecurity workforce shortage of an estimated 3.5 million missing experts by 2021, it isn't easy to find one of those unicorns who feel at home in the public cloud and are also security experts. “Put simply, cloud technology is a victim of its own success,” said Will Venters, assistant professor of information systems at LSE.
Everything is online
Misconfiguration happens everywhere, and probably more often than you would assume, but in a traditional data center environment it might not be so apparent when small mistakes happen. In the public cloud, on the other hand, everything is an online endpoint and is addressable over the public internet. Storage, servers and databases all have online access, which of course can be restricted by proper configuration.
How to stop human error?
It is hard, if not impossible, to stop human error entirely, so the least you can do is try to prevent mistakes or remediate them after they occur. So where to start? You can break it down into three main domains:
Visibility
What you can’t see, you can’t fight. Prioritize complete visibility into your cloud environment first, because all future steps rely on visibility. Think of these questions:
- Who has which level of access to which resources?
- What does my infrastructure look like?
- Are there unused resources in my network?
Security
You are responsible for your data in the cloud, so make sure to get every department on board and agree on security standards that apply to everyone.
- Review the Shared Responsibility Model
- Work with all departments from security to development to implement clear guidelines
- Train and certify your employees; human error is often the result of a lack of skill
Monitoring
Securing your cloud once and moving on doesn’t work. With DevOps and continuous delivery, it becomes clear that there has to be a process for real-time monitoring:
- Use onboard tools like AWS Trusted Advisor or Azure Security Center
- Implement a third-party tool that monitors multi-cloud environments and multiple accounts
- Have remediation steps defined and define an owner who is responsible for the monitoring
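As an added illustration (not code from the original article), the following Python sketch ties the "Everything is online" and Monitoring points together: it scans a resource inventory for settings that leave an endpoint reachable from the whole internet and attaches an owner to each finding. The inventory is constructed sample data, and the `owner` tag convention and the function names are assumptions.

```python
import ipaddress

PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")

# Constructed inventory. Field names follow AWS EC2 DescribeSecurityGroups and
# S3 GetPublicAccessBlock output; IDs, names and the "owner" tag are made up.
INVENTORY = {
    "security_groups": [
        {"GroupId": "sg-0aaa", "Tags": [{"Key": "owner", "Value": "team-db"}],
         "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                            "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
        {"GroupId": "sg-0bbb", "Tags": [],
         "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                            "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
        {"GroupId": "sg-0ccc", "Tags": [{"Key": "owner", "Value": "team-web"}],
         "IpPermissions": [{"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    ],
    "buckets": [
        {"Name": "example-logs", "Tags": [{"Key": "owner", "Value": "team-ops"}],
         "PublicAccessBlockConfiguration": dict.fromkeys(PAB_FLAGS, True)},
        {"Name": "example-exports", "PublicAccessBlockConfiguration": None},
    ],
}

def owner_of(resource):
    # A finding without an owner cannot be remediated, so report that explicitly.
    tags = {t["Key"]: t["Value"] for t in resource.get("Tags", [])}
    return tags.get("owner", "UNOWNED")

def is_world_open(cidr):
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(inventory):
    """Return (resource, issue, owner) tuples for internet-facing settings."""
    findings = []
    for sg in inventory["security_groups"]:
        for perm in sg["IpPermissions"]:
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if any(is_world_open(c) for c in cidrs):
                ports = "all" if perm["IpProtocol"] == "-1" else f'{perm["FromPort"]}-{perm["ToPort"]}'
                findings.append((sg["GroupId"], f"ingress open to the internet, ports {ports}", owner_of(sg)))
    for b in inventory["buckets"]:
        # A missing guard does not prove the bucket is public, only that nothing prevents it.
        pab = b.get("PublicAccessBlockConfiguration") or {}
        missing = [f for f in PAB_FLAGS if not pab.get(f)]
        if missing:
            findings.append((b["Name"], "public access block incomplete: " + ",".join(missing), owner_of(b)))
    return findings
```

Run on a schedule against a fresh inventory export, the `UNOWNED` findings are the ones to resolve first, since no one is assigned to remediate them.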