Reports suggest that, over the last two years, more than 33 billion documents faced security breaches due to misconfigurations of cloud-native services, costing businesses worldwide nearly $5 trillion. Security breaches due to cloud misconfigurations are witnessed across industry verticals. Another report reveals that an average of 230 million misconfigurations are carried out per day!
Fueled by the continued spread of the coronavirus pandemic, businesses have been acting quickly to enable remote connectivity. Microsoft has reported a 775% increase in Microsoft Teams monthly users in Italy due to social distancing. Other collaboration tools are also experiencing a spike in usage, although some are exhibiting serious weaknesses and vulnerabilities. When moving business applications to the cloud, extending cloud-based collaboration tools, or enabling business continuity, cybersecurity has generally taken a back seat.
Cyber threats are increasing due to a lack of necessary security controls on work-from-home devices and a security architecture weakened by swift increases in cloud usage. At the same time, remote access to the hybrid cloud environment by workers, partners, and consumers is increasing existing risks and presenting new vulnerabilities.
In the current environment, enterprises should consider the following recommendations to strengthen their cloud security posture across cloud service models.
Cyber Resilient and Compliant Cloud Usage
- Put a strategy in place for a structured approach to securely build, implement and monitor your cloud-based business applications to attain holistic visibility into the health of the applications (along with their underlying cloud native services, infrastructures, data, identities, etc.) and their adherence to compliance standards.
- Perform a periodic assessment of your cloud security posture that includes architectural aspects and potential misconfigurations in cloud native controls and services.
- Reassess your cloud native applications from a security standpoint. Inadequately secured cloud native applications associated with PaaS, containers, or serverless computing are under rapid cyberattack.
- Ensure that you embed security in your DevOps life cycle and include drift management capabilities during cloud-native application development and maintenance cycles.
- Evaluate and enhance your hybrid cloud security capabilities, such as digital identity, governance, and access.
- Protect your cloud-based identities and resources through continuous least-privilege enforcement using activity-based authentication and secured API usage.
- Review your cloud information protection strategy, such as Data Loss Prevention (DLP), application and data encryption and obfuscation, key management and information-centric access controls.
- Secure Big Data in the cloud through deployment of granular controls.
- Continuously evaluate the cloud threat landscape for your industry and business.
- Bolster security incident response automation in your cloud SOC and DevSecOps capabilities.
Secure Remote Work and Collaboration
- Provide your workforce with the requisite level of secure access to business applications, leveraging various mechanisms to keep the threat surface in check. Ensure that the remote workforce is protected from various and ever-changing threats.
- Enable users to leverage collaboration tools securely for remote meeting and information sharing through email and storage. At the same time, enforce organizational security policies around usage of personal devices (over secure Wi-Fi) in line with guidance from NIST, GDPR, etc.
- Have a differentiated digital identity strategy for privileged users performing administrative activities in business-critical environments. Build and evaluate your privileged remote access management to include conditional access, just enough frictionless access, multi-factor solutions, etc.
- Leverage SaaS-based, secure, remote work and collaboration solutions (including VDI) to meet business requirements when the scalability, flexibility, or speed of the traditional environment is hindered. Ensure that you have capable solutions like Cloud Access Security Broker (CASB) to govern usage of SaaS solutions for your workforce.
Businesses rushing to the cloud to enable millions of workforces for remote work during the COVID-19 crisis are facing various security challenges. At the same time, to meet regulations and compliance, businesses need a curated security approach. Looking forward, organizations must examine their short-term security measures and embrace zero-trust based initiatives to strengthen their cloud security posture and achieve sustained compliance.