Jonathan Nguyen-Duy, vice president, Fortinet, discusses how cloud misconfigurations can lead to disrupted services and unexpected costs, as misconfigured cloud-based resources leave critical environments at risk.
Cloud services adoption has gone through the roof in the past year, driven largely by the acceleration of digital transformation and the shift to remote work ushered in by the pandemic. In fact, Gartner predicts that global spending on public cloud services will reach $332.2 billion in 2021, an increase from 23.1% in 2020.
But for all the benefits that cloud brings, security must be a foremost concern. One of the most common cloud security challenges is misconfiguration, which can produce a cascading effect of problems. Recently, a misconfiguration caused an hour-long outage for users (including major U.S. and European news outlets and a UK government website) of cloud service provider Fastly.
In fact, according to Fortinet’s 2021 Cloud Security Report, 67% of cybersecurity professionals surveyed said that misconfigurations remain the biggest cloud security risk. Indeed, the NSA declared in January 2020 that misconfigurations are one of the top four primary cloud vulnerabilities.
As Cloud Adoption Grows, so Does the Risk of Misconfiguration
Migration of enterprise computing from data centers to public clouds was accelerated with the shift to remote work. In the aforementioned survey, 56% of respondents said they planned to be running half or more of their workloads in the cloud over the next 12-18 months. As cloud use increases, so does the likelihood of misconfiguration. Cloud misconfigurations occur when a user or team specifies settings that fail to provide adequate security for their cloud data. Without strong security measures, attackers can exploit those misconfigurations to compromise or steal cloud data. In fact, Gartner estimates that through 2025, 99% of cloud security failures will be the customer’s fault.
Misconfigurations can lead to disrupted services and unexpected costs, as misconfigured cloud-based resources leave critical environments at risk. Malicious actors can wreak havoc by targeting a misconfiguration as they move laterally within an enterprise’s infrastructure.
The Problem of Shared Responsibility
Currently, organizations that use the public cloud address security according to a shared responsibility model. This creates complexity because each cloud environment brings specific protocols, requirements and standards. As IT security teams work to make multi-cloud environments secure, they have a dual challenge. They must adopt the protocols of each cloud instance, and they must also find solutions with the flexibility to support security functionality within the context of the shared responsibility model. It must work for specific cloud environments and between clouds.
This shared model covers both security of the cloud and security in the cloud. The security of the cloud, with all it comprises (infrastructure and platforms: the storage, network and compute layers), is the responsibility of the cloud provider. The customer takes responsibility for security in the cloud, including everything that is stored, deployed or built in the public cloud.
The arrangement is helpful to the customer, since it shifts much of the operational weight onto the provider, who operates, controls and manages everything from the host operating system and virtualization layer down to the physical security of the building that houses the service. The downside is that this arrangement can lull customers into a false sense of security, such that they slacken the security vigilance in multiple layers of their own environment.
Solving the Problem
The first step to solving any problem is recognizing there is one, and almost all the respondents to Fortinet’s cloud survey said they were at least moderately concerned about cloud security. About a third (32%) said they are extremely concerned. Organizations need to have transparent visibility and control across, and between, public cloud deployments to reduce the risk of misconfigurations by identifying and remediating them before damage is done.
A cloud access security broker (CASB) solution can help identify cloud misconfigurations in real time and track them against compliance mandates and regulatory standards. This allows IT teams to consistently identify misconfigurations and expedite remediation. CASB solutions are a proven approach for continuous monitoring that corrects misconfigurations before they can be exploited.
Overcoming Cloud Risk
The recent cloud outages remind us that in a world full of cloud risks, misconfiguration remains one of the biggest security risks. As enterprises flock to the cloud, they often leave massive vulnerabilities exposed, making it far too easy for bad actors to gain access. Organizations need to ensure that they have the tools to move their business objectives forward and that their employees have the know-how to effectively manage their security posture. Enterprises need visibility and control, as well as continuous monitoring, to ensure that they are seeing into their cloud configurations in real time. This will reduce the possibility of misconfiguration, creating a safer cloud environment.