Thought Leadership

Misconfigurations Are the No. 1 Cause of Cloud Security Threats

Cloud Security Threats

(November 22, 2021) Cloud platforms and services offer customers a number of tools to protect their applications and data. However, many customers fail to take advantage of these tools or don’t understand how to use them.

Experts agree that misconfigurations are the No. 1 cause of cloud security threats. According to Gartner Analyst Neil MacDonald, “Nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement, and mistakes.”

The 2021 IBM Security X-Force Cloud Threat Landscape Report finds that two-thirds of cloud security incidents involve improperly configured application programming interfaces (APIs). Additionally, misconfigured platforms and inadequate network controls expose internal systems and data to the public Internet. Often, organizations fail to segment their networks, enabling hackers to move laterally between cloud and on-premises systems.

Failure to enable multifactor authentication (MFA) allows attackers to access cloud accounts using stolen credentials. In fact, all of the cloud environments tested by the X-Force Red team had password or policy violations. Tens of thousands of compromised cloud accounts are for sale on the dark web, many for just a few dollars, with 71 percent offering direct access to cloud resources via Remote Desktop Protocol (RDP).

Cloud Threats on the Rise

These threats have become widespread as more organizations migrate applications and services to the cloud. In a recent Security Boulevard survey, half of the respondents said they experience 50 or more misconfiguration incidents daily, and 90 percent are unable to remediate them promptly.

Not surprisingly, more than 80 percent are concerned that their organization will suffer a misconfiguration-related breach or data leak. More than one-third (36 percent) have experienced such an incident in the past year.

Cloud vulnerabilities are also on the rise, seeing 150 percent growth over the past five years, according to the IBM X-Force report. Of the 2,500 known vulnerabilities, almost half were discovered within the past 18 months.

Several factors increase the risk associated with these threats. Many organizations lack cloud expertise — a challenge exacerbated by the chronic shortage of in-demand IT skill sets. Security policies don’t always encompass the cloud, and IT teams lack the tools and resources for effective cloud monitoring and threat detection. Some organizations don’t understand the shared responsibility model of the cloud, and their obligations to protect their applications and data.

Reducing Cloud Risk

According to IBM X-Force research, two-thirds of cloud security incidents could be prevented by patching systems, implementing more robust security controls, and enforcing security policies. In other words, many of the same measures that help protect on-premises environments should be utilized in the cloud.

Organizations should implement MFA, particularly for administrator-level accounts. Identity management policies should give users access only to the resources they need to do their jobs. It’s also important to consider machine identities — trusted connections between cloud and on-premises systems are a significant security risk.

Network segmentation should be used to isolate trusted networks from the public Internet and reduce the attack surface. Firewalls and other tools should be implemented and regularly tested. Monitoring tools should be extended to the cloud, and the IT team prepared to respond quickly if a threat is detected.

Given the general lack of cloud skill sets, organizations should seek outside assistance to ensure that they are prepared to detect, block and respond to cloud threats. A managed services provider (MSP) with cloud expertise can help keep both the cloud and on-premises environment up-to-date and secure.

Cloud misconfigurations and vulnerabilities are a growing source of security threats. Organizations should take steps to shore up their security policies and controls to ensure that their cloud-based resources are protected.

ABOUT MAINSTREAM TECHNOLOGIES

Mainstream Technologies delivers a full range of technology services in Arkansas and the surrounding region including managed technology services and consulting custom software development and cybersecurity services. We also offer industry-leading data center services in our Little Rock facilities. Established in 1996, Mainstream has earned a reputation for delivering quality, reliable, and professional technology services for public and private-sector customers across the United States.

Jeff Pracht
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile

Contact Us

  • Industry

  • Category

  • Regulation

  • Solution