The majority of companies moving to Multi-cloud environment Aqua Security reveals that cloud-based services are not properly configured. According to the findings of the report, these misconfigurations, such as leaving buckets and blog storage open, can expose businesses to serious security breaches.
Even if companies are aware of the error, most companies do not address most of these issues in a timely manner, reflecting the overwhelming amount of configurations that practitioners must address. Large companies, in particular, take an average of 88 days to address a problem after discovery.
“Given that a single cloud misconfiguration can expose your organization to serious cyber risks such as data breaches, resource hijacking, and denial of service attacks, the consequences of failing to address the misconfiguration issue are: It’s so realistic that it can’t be ignored. ” Asaph Morag, Lead data analyst AquaTeam Nautilus.
Solving the problem of cloud misconfiguration
The findings point to the following important security gaps:
- Less than 1% of enterprise organizations fixed all detected issues, but less than 8% of SMBs fixed all detected issues.
- Over 50% of all organizations receive alerts that services are not configured correctly with all ports open around the world, but only 68% of these issues have been fixed, averaging 24 days. It took.
- Over 40% of users are using at least one misconfigured Docker API, which took an average of 60 days to fix.
The results of these surveys are based on Infrastructure-as-a-Service (IaaS) And Platform-as-a-Service (PaaS)account. This suggests both a lack of understanding and an overwhelming number of problems that need attention.
“Cloud-native applications improve agility by providing more people with access to define their environment, but we’ve seen many organizations move away from a centralized approach to security. “I will,” added Morag.
“The traditional model of allowing only small, highly skilled teams of security personnel to make all configuration changes has been replaced by the latest decentralized approach. Development teams make configuration decisions. And services are being applied, which can have a dramatic impact on the security regime of an organization’s production environment. ”
The report examines the mistakes that lead to misconfiguration of five common types of cloud settings. Storage (bucket / blob) misconfiguration, identity and access management (IAM) misconfiguration, Data encryption Problems, exploitable services behind open ports, and abuse of container technology.
Reduce exposure to threats
The report also provides recommendations on best practices and policies that organizations can implement immediately to mitigate the risk of cloud misconfiguration.
- Start a formal remediation process to prioritize issues.
- Attackers are actively scanning exposed API ports, treating all API issues as serious.
- Applying various IAM controls Establish layers of access control such as multi-factor authentication (MFA) and identity federation.
“Whether your organization employs a single-cloud or multi-cloud environment, you need to proactively monitor and fix service configuration issues that could unnecessarily threaten your organization.” It states. Fdoor Milli, Senior Director of Product Management. “If you don’t do this, you can inevitably suffer far more damage than traditional operating systems and on-premises workloads.”
Most organizations haven’t been able to fix cloud misconfiguration issues in a timely manner
https://www.helpnetsecurity.com/2021/05/17/cloud-misconfiguration-issues/ Most organizations haven’t been able to fix cloud misconfiguration issues in a timely manner