Cloud has reformed the tech landscape, making resource-draining hardware and computing requirements accessible to start-ups and mature organizations alike. In outsourcing key components of your tech stack, however, it’s vital to recognize the greater risk that places upon an organization.
No longer do you have complete control over your attack surface, and cybercriminals are increasingly aware of the profits achievable through cloud-based attacks. Cloud data security & protection has never been more important.
Cloud Computing: Major Benefits, At What Cost?
The term ‘cloud computing’ refers to a company’s use of software and hardware accessed and delivered via the Internet. Instead of applications and programs that are dependent upon physical computers or servers, third-party cloud providers abstract this process away. By outsourcing this complex infrastructure, companies can now delve deeper into their specific niches, without having to dedicate the hefty time and resources into maintaining their own server stacks.
The core premise of cloud computing revolves around remote functions. The main computing functions can now take place on a remote machine – and are no longer shackled to the device which the user is interacting with. Data collection and management throughout this process is handled and accessed by cloud servers, meaning that less resources are demanded from the user’s device itself.
The cloud server’s ability to free up memory and computing power of individual computers leads to more rapid loading times, a better customer experience, and – if properly configured – a more secure environment through which to access data and credentials.
The benefits are not just limited to your customers: cloud allows for application developers to create new computing instances in a matter of seconds. This ease of computing has completely reshaped the agility and speed of the software development life cycle. Now, developers can rapidly verify new ideas and architecture designs without the dependency on expensive on-site hardware or slow procurement processes. This creates an uber-adaptable tech market, with constant influxes of innovative solutions that allow your organization to reach its fullest potential.
When Cloud Goes Wrong: The Capital One Breach
On July 19th, 2019, the transactional data, social security numbers, and credit scores of 100 million individuals in the US and approximately 6 million Canadian individuals were stolen by an attacker. The malicious actor had broken into the Capital One banking servers, leveraging a battalion of misconfigured Amazon Web Service accounts. From there, she extracted files dating from 2009 to 2019 from the AWS-hosted Capital One directories.
A previous employee of Amazon, the Department of Justice described how – while employed at the company – the attacker built a tool she used to scan the AWS platform for misconfigured accounts. She then used those vulnerable accounts to access and download the data of more than 30 entities, including Capital One bank. Alongside data theft, she also planted cryptocurrency mining software.
The attacker – formerly identified as Paige Thompson – posted the Capital One attack path and compromised data on GitHub under her full first, middle and last name. She also boasted about her success on social media. On the productivity app Slack, Thompson explained the method she used to break into Capital One; one person, alarmed by the actions that Thompson was engaging in, told her “don’t go to jail plz.”
As a result of the data breach, Capital One was fined $80 million and went on to settle further customer lawsuits for $190 million.
Key Capabilities for Cloud Security
Misconfiguration is today’s leading cloud security issue. 55% of companies suffer from accidental data exposure, which places massive strain upon cybersecurity resources and greatly increases your risk of attack. While configurability is a major draw of cloud applications, their flexibility also introduces real risk. The way to avoid misconfiguration attacks is a comprehensive and deep view of your SaaS platforms. Prioritize this process by focusing on the apps that house the most sensitive data. Your security tool should automatically identify and classify your databases, allowing you to efficiently prioritize configuration checks. Remember, misconfigurations make you non-compliant.
Alongside misconfigurations, wrongly-issued permissions are major red flags within your cloud integrations. Third-party features and their APIs are often installed with high-level permissions. These are dangerous thanks to their tried-and-tested reliability in cyberattacks. Too-high permissions make cybercriminals’ jobs far easier, as they allow privilege escalation to other systems and databases. The Capital One breach saw their Firewall being used to escalate privileges. To lower your risk of a third-party compromise, always follow the principle of least privilege when granting access, and withdraw it as soon as it becomes unnecessary.
Securing Your Organization’s Cloud Infrastructure
Cloud computing may be a security headache for some organizations, but the fact is that serverless and cloud architecture is uniquely well-positioned for safe data storage. The base layout of many cloud applications – that is, a structure that organizes a large number of small functions within the cloud – provides a fantastic foundation for a secure and highly-adaptive organization. There no longer needs to be a trade-off between the two features.
The microservices layout gives you an opportunity to apply privileges to individual functions. This ensures that privileges are restricted to only the smallest scope necessary. Furthermore, if there is a silent vulnerability within a function, an attacker will only get access to the limited capabilities of that function, reliably stumping a large scale data thief and denying them real access.
Finally, cybersecurity mechanisms must be switched and adapted to the cloud environment as rapidly as the tech itself changes. This is where application security tools truly excel: manual patching and review processes would be impossible at this scale; high-quality security tools go to incredible lengths to analyze the individual components of the cloud applications you rely on. A proactive cybersecurity process will value an automatic reporting and compliance process – meaning you can fix misconfigurations before they’re actively used in a breach. Keep your defenses highly mobile with automatic policy violation detection. Cloud computing need no longer be a security complication – you just need the right tool for the job.
