Cloud Hosting

Cloud security continues to vex corporate information technology managers, and new research indicates that the problems are both widespread and not easily fixable, thanks to a number of weak areas.

In many cases, the procedures to secure cloud workloads has been well-known for years but arent always applied consistently or reliably. Some old chestnuts, such as cross-site scripting and SQL injection attacks on web servers, still account for almost half of todays cloud vulnerabilities, for example.

The problems cover the waterfront and arent just structural issues. Secondary issues such as security alerts take too much time to resolve, and risky behaviors fester without any real accountability to prevent or change.

SiliconANGLE examined four cloud security reports that address these issues:

The reports show that despite reams of details on best security practices, organizations dont do well with their implementation, follow-through or consistent application. For example, consider well-known practices such as the usage of complex and unique passwords, collection of access logs and avoidance of hard-coded credentials.

Unit 42 states what should be obvious by now, that hard-coded credentials pose significant security risks because adversaries can use them to bypass most of the defense mechanisms. Yet it found that more than 80% of organizations still used them.

A similar majority of accounts analyzed in its report doesnt turn on the logging and auditing features across Amazon Web Services CloudTrail, the Microsoft Azure key vault audit logging and Google Cloud Platform Storage Bucket logging services.

The situation is slightly better when it comes to enforcing another best-practice safeguard: multifactor authentication. Even for cloud-oriented businesses, MFA has been slowly adopted within organizations. Datadogs research found that 45% of AWS organizationshad one or more users authenticate their main command consoleswithout using MFA.

Worse, only20% of Azure organizationshad all of their Azure Active Directory users authenticate with MFA. Unit 42s research concurs, with these findings: At least three-quarters of organizations dont enforce MFA for console users, and more than half of organizations dont enforce MFA for root/admin users. All of these numbers are pretty dismal, given the widespread dictums for MFA that have appeared along with the numerous breach statistics of accounts that relied on less secure methods.

Speaking of security credentials, Datadogs report found that static, long-lived credentials still cast a long shadow, and eliminating them has proven difficult. It found that across the three major cloud providers,roughly half of access keys are more than a year old, and more than one in 10 are more than three years old. This demonstrates that access keys tend to live for longer than they should, and many access keys arent being used and still havent been deprovisioned, the authors wrote.

IBMs X-Force team agreed with these statistics: It discovered plain-text credentials located on user endpoints in 33% of engagements involving cloud environments.

Datadogs report identified two other major issues:

When these technical challenges are combined with bad behaviors, cloud security becomes more difficult to enforce. As Illumios report said, The vast majority of organizations that use cloud-based services need more efficiency, visibility and capabilities to reduce risks in their environment and the survey found that nearly half the data breaches suffered over the past year originated in the cloud.

Part of the problem, according to Unit 42s research, is the difference between cloud and on-premises security: Traditional digital forensics and incident response techniques are not designed to handle these types of events because the tooling, processes, and data sources necessary for investigating security incidents are very different between on-premises and cloud environments.

Illumios report contains some dire language: Todays cloud security solutions are continuing to fail when it comes to safeguarding companies against cybercriminals who regularly cause massive disruption by exfiltrating data and demanding exorbitant ransoms.

Two solid recommendations come from the IBM report: Engage in adversary simulation exercises using cloud-based scenarios to train and practice effective cloud-based incident response. And use AI capabilities to help scrutinize digital identities and behaviors, verify their legitimacy and deliver smarter authentication.

TheCUBEis an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate thecontent you create as well Andy Jassy

THANK YOU

Read more from the original source:
Cloud security continues to give IT managers headaches. Here's why - SiliconANGLE News