It’s easy to assume that cloud service providers are fully responsible for every aspect of cloud security. The truth is that configuration is an aspect of the shared responsibility model of cloud security that often falls in the hands of organizations using cloud services and platforms.
IT and security professionals are taking notice of the security threat that cloud misconfiguration presents. In the 2018 Cloud Security Report, a survey of over 1,900 IT and security professionals published by Cybersecurity Insiders and Crowd Research Partners, misconfiguration jumped to the number one spot this year as the single biggest threat to cloud security (62 percent).
Delta Risk VP of Managed Security, John Hawley, and Director of Technical Consulting, Mike Piscopo, discussed this subject at length in a recent webinar, “Flying Blind: Cloud Configurations Gone Wrong.” The new Delta Risk white paper, “How to Overcome Cloud Misconfigurations” drills down further on key topics from the webinar, including specific configuration risk factors affecting software-as-a-service (SaaS), cloud infrastructure, and DevOps, and the steps organizations can take to minimize these risks.
Here’s an excerpt from the white paper about the misconfiguration and access risk factors organizations face for SaaS environments:
Software-as-a-Service Access Configuration Challenges
Many organizations have adopted SaaS applications in some form or fashion to streamline their business processes and replace traditional on-premises applications. Often, one of the key concerns is that the people using these applications are administrating the accounts as opposed to the security team. These business professionals are buying the applications; they are not federating these applications out of a directory. Their focus is creating and managing individual user accounts.
One of the key challenges organizations face with user accounts is controlling access when employees leave a company. For instance, many organizations do not have policies in place to govern when access to critical applications is denied.
Another major challenge companies face is gaining visibility into potential account takeovers. Applications sit outside of the network, so it can be difficult to maintain control of these environments. There is not a traditional firewall around these environments to indicate when someone is logging in from a different country or a different location.
When there is an alert for potential account takeover, it is more likely that the account credentials of these applications have been compromised in some other way. However, if individuals have used a different site maliciously or from a different location, it is difficult to determine the source since the device is not sitting inside of an organization’s network under tighter security controls.
The final risk factor to be aware of is users integrating their SaaS applications with other applications. For example, the sales teams may be entering their Office 365 credentials into customer relationship management (CRM) applications like Salesforce or sales-enablement applications. Other examples of SaaS applications that could create integration challenges include Box, G Suite, ServiceNow, and Dropbox.
Download the complete white paper to learn about the risk factors impacting cloud infrastructure and DevOps environments, and the four critical areas of cloud security where breach risk factors are heightened.