What Is Cloud Security?

Cloud security refers to the protection of applications, data, and infrastructure involved in cloud computing. With more than 97% of companies using cloud services today, how cloud security solutions are delivered will depend on an organization’s environment and its interaction with cloud services.

Cloud security refers to the protection of applications, data, and infrastructure involved in cloud computing. The actual protection can be implemented with a mix of policies, controls, software, and related technologies. In many ways, the concept around securing cloud environments is no different from any on-premise environment. From filtering traffic and managing software and container lifecycles to authentication and authorization, it boils down to managing security risks.

Cloud environments can typically be categorized into Public Clouds, Private Clouds, and Hybrid Clouds. Each of these environments brings a different set of security and compliance risks to the table. Along with environments, cloud services are also delivered in three primary ways:

  • Infrastructure-as-a-Service (IaaS) — Where organizations set up their own virtual data centers for their computing needs without the hassle of physical data center maintenance, using services from major Cloud Service Providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). 
  • Platform-as-a-Service (PaaS) — Where organizations build and run applications without needing to maintain the backend infrastructure, using services such as Google App Engine, AWS Elastic Beanstalk, and Oracle Cloud Platform.
  • Software-as-a-Service (SaaS) — Where organizations use applications delivered directly over a web browser, without needing to manage applications per employee endpoint. Examples include Office 365 and Adobe Creative Cloud.

How cloud security solutions are delivered will depend on an organization’s environment and its interaction with cloud services. 

Security Blind Spots In The Cloud

No visibility of cloud footprint

The ability for an organization to rapidly increase its cloud instances and services is a big win when it comes to scaling. But in a dynamic cloud environment managed by a number of people, there can often be cloud sprawl. Can your organization document all the workloads running in the cloud? Are new technologies being added and can the data be correctly classified? When things are always changing in a cloud sprawl, security teams may not have full visibility of the organization's cloud footprint.

Unlike hackers who need only to be right once, organizations bear the sole responsibility of needing to be right all the time. A loss of visibility of cloud assets shifts the odds in the hacker's favor. Unmanaged systems tend to be unsecured since no one is looking after them. In order to mitigate this risk, organizations must not only implement automated solutions that aid in asset discovery but also adopt tighter guardrails against cloud sprawl.

Misconfigurations

Hackers exploit vulnerabilities in the cloud, including misconfigured services. The prevalence of such misconfigurations is a result of myriad workload options compounded by a lack of workload management expertise. AWS alone has more than 165 services over 24 categories, all of which can be freely configured by users. Risky configurations of cloud services allow hackers to breach cloud environments, from which confidential data and credentials can be stolen. Hackers may also exploit these vulnerabilities with Distributed Denial of Service (DDoS) attacks that consume an organization’s cloud resources and make them unavailable to customers.

For this reason, the major Cloud Service Providers (CSP) do provide their own solutions to fix these misconfigurations. Such solutions include AWS Config, AWS GuardDuty, as well as GCP Security Command Center.

Why Cloud Security Is Important

With more than 97% of companies using cloud services today, according to McAfee, the good guys have a lot to gain as they adopt cloud security solutions in one way or another. Cloud Access Security Broker (CASB), Identity-as-a-Service (IDaaS), Cloud Testing Services, and Cloud Security Posture Management (CSPM) are all viable solutions depending on the most urgent needs of your organization. 

The objectives of implementing cloud security are:

1. Ability to assess security posture at any time

What is your current state of security across your data and systems? If a regulatory body or third party needs to know, can you provide comprehensive visibility of all your organization’s cloud assets and the steps you have taken to manage the associated security risks?

2. Ability to limit access controls

The principle of least privilege applies. How can you verify that a user is who they say they are? How many Super Admins are really required in your cloud environment? Being able to segment users ensures that even if a particular user is compromised, the organization remains largely unaffected.

3. Ability to trace and respond to unusual activity

Organizations need to know whenever unexpected events occur. With the ability to log activities, you can retrace the steps that led to potentially malicious activity. Setting up and maintaining a robust incident response plan helps organizations be proactive about managing their risks.

Cloud Security By Horangi

Working with a reliable and experienced cloud security partner that understands your organization’s important security risks will help you save money as you implement a customized solution. Many of Horangi’s customers are organizations either in the cloud, transitioning to the cloud, or thinking about it. We have cloud security consultation and testing capabilities to match this demand. Horangi also offers Warden, a CSPM SaaS product for customers to easily manage their own security and compliance risks.

Yang Teo

Yang Teo is the Regional Content Marketing Manager at Horangi. He runs the Ask A CISO podcast and manages the Horangi blog.