Safet Acifovic

It's time to take cloud security to the next level

11/11/2020

Cloud security is becoming increasingly important. To stay in control, many organizations are starting to make use of Cloud Security Posture Management (CSPM) tools. But are these tools enough to prevent cloud-related data breaches? We think not. Upgrade your CSPM today!

It is expected that the the global cloud computing market is to grow to more than $800 billion by 2025. At the same time, Gartner has predicted that through 2025, at least 99% of cloud security failures will be the customer's fault. It should be clear by now that we live in a cloud-first world and that cloud (data) security is becoming increasingly important as we move data centers, business processes, applications and more to the cloud. It is time to step up cloud security!

 

 

It should be clear now that we live in a cloud-first world

 

Many enterprises have already upgraded their cloud security by transitioning from manual checks to automatic tools. And this is often where Cloud Security Posture Management (CSPM) tools come in. A CSPM is a tool that continuously checks cloud platform accounts for compliance and infrastructure misconfigurations. These tools verify automatically whether your cloud configurations are following security best practises and compliance standards such as CIS (AWS or Azure), PCI, HIPAA or GDPR. This is a big leap forwards compared to a couple of years ago when no one had any visibility on whether their cloud environment was secure or compliant.

 

CSPMs play an important role in helping organizations stay compliant with major frameworks and address accidental risks, such as missettings that allow unauthorized access or misconfigured network security groups. CSPMs are becoming a necessary aspect of cloud security.

 

However, we should ask ourselves: is the CSPM approach enough? And will it be enough tomorrow? Or next year? Features are added every day by the cloud service providers. Cloud environments and cloud workloads are becoming more and more complex. By 2025, the cloud computing market will grow to more than $800 billion. We should pay very serious attentions to cloud security. 

 

So, is the CSPM approach enough? We believe that the standard definition of CSPM is lacking. It only provide limited visibility. Let me demonstrate this with an example. Let's say we have a web server which is connected to the Internet and our internal virtual networks. The server has never been patched (it was neglected), and as a result it got infected with a crypto miner. As it stands today, none of the available CSPMs will give an alert. These issues are simply outside the scope of current CSPMs. A CSPM will only check your cloud (infrastructure) configurations.

 

None of the available CSPMs will give an alert

 

 

Despite the fact that misconfigurations in the OS and application layer, such as software vulnerabilities are critical parts of your whole cloud security posture, they are not handled by today's CPSMs. A CPSM will detect a misconfigured data bucket or an overly permissive network security group, but it will not alert on patch issues, malware and weak authentication problems that are present on the server.

 

Cloud security posture management means managing the posture of your entire cloud environment, throughout the whole technology stack. CSPMs need to be supplemented with better defense and threat detection capabilities in order to truly address all aspects of security and compliance for your workloads in the cloud.

 

You should ask yourself: is my current cloud security approach / CSPM tool / security solution, the right one? To help you find an answer to this question, please consider the following four questions.

  1. How many tools will I need to avoid misconfigurations in the cloud?
    You will need a macro view of the level of drift from established policies and the risks in the cloud. You will also need to be able to detect common use cases, such as misconfigured data buckets, vulnerable web instances, infected assets and machines that hold critical data but are publicly accessible. A centralized view of your assets and server in one place is essential in order not to miss any security issues.
  2. Will I be able to get results in context?
    Security teams are overwhelmed with alerts, and fixing security issues comes down to context that enables prioritization. You need a good understanding of what is going on, and the ability to contextualize the findings. It is simply not enough that security solutions alert to potential areas of risk or threat. The security solution must  have an automated way to prioritize those alerts and assess threats in context.
  3. What is your Total Cost of Ownership?
    When considering the various solutions for assessing your security in the cloud, ask yourself: how long will my team need to work in order to implement and administer the tool? How much intra-organization friction will it cause? Will I get good enough coverage after spending this amount of time? You need tools that contribute to the required collaboration necessary to achieve security and compliance in the cloud, without wasting resources.
  4. Are these tools born in the cloud and are they cloud-native?
    Cloud security differs from what we are used to with on-premise environments. Mitigation strategies must also be adapted and relevant in the cloud. The same issues can have different a meaning in the cloud.

We have asked ourselves these questions and we have concluded that we needed something different for our clients, something new and 'next-gen'. Securing the cloud requires complete visibility into all cloud assets, compromised resources, vulnerable software, and misconfigurations without the cost, complexity, and limitations of agents. In our search for a next-gen cloud security solution that can do all this, we came across Orca Security.

Delivered as a SaaS solution, Orca Security uses its patent-pending SideScanningâ„¢ technology to deliver instant and agentless deeper visibility into your cloud environment and ease compliance efforts. The solution works out-of-band and scans the entire cloud estate, down to the data layer to identify malware, vulnerabilities, misconfigurations, leaked passwords, sensitive data (PII) and more.

 

We are excited to announce that we have partnered with Orca Security to help you achieve full-stack visibility across your cloud environments, such as AWS, Azure and GCP.

 

Free trial with our HealthCheck

Each CloudNation HealthCheck comes with a free trial1 of Orca Security to give you the opportunity to experience full-stack visibility yourself. The CloudNation HealthCheck is a security assessment we have developed to help you identify misconfigurations and other security risks within your cloud environment. It's quick, complete and comes with actionable recommendations to help you start fixing right away.

Interested? For more information on Orca Security or our HealthCheck, please leave your contact information below or gives us a call.

 

Contact us

 

 

 

1Terms and conditions may apply