Because of the corona crisis, many companies have had to move to cloud-based applications as the number of remote workers has increased. The problem is security. In a Menlo Security survey of 200 IT managers, 40% of respondents said the threat of attacks on cloud applications and the Internet of Things (IoT) had increased.
There are advantages and disadvantages to migrating to the cloud, and there are security pitfalls that are easy to fall into during the migration. For example, at a Gartner meeting in 2019, two IT managers explained that their Office 365 deployment was installed because of the need to upgrade older equipment.
But the way home computers are used and shared is now different: your personal computer is no longer personal. In other words, the computer that supports your child's online classes or your spouse's business applications may be the same machine. In a survey conducted this summer by CyberArk, more than half of the respondents reported that their passwords were stored in the browser of their company PC. This behavior is not consistent with any security policy.
Let's take a look at the top 7 mistakes that negatively impact security during the transition to cloud apps and see tips to avoid them.
1. Remote access with VPN
For all those remote workers, a VPN may not be the best remote access approach. In the FireEye hacking incident in December 2020, a hacked VPN account was the entry point. In the past, VPNs were the leading method for secure remote work, but now it is much better to replace them with a zero-trust network, where identity is the control plane and provides access context. In addition, a new home information security policy should be established that reflects the fact that several home PCs are in use since the corona crisis.
2. Incorrect cloud portfolio setup
There are several factors to look at. For example, do you need a private cloud to keep your business-critical data separate from the rest? Are suitable OS versions available to run specific apps that depend on specific Windows and Linux configurations? Are there suitable connectors and authentication safeguards for working with on-premises apps and devices that are not moving to the cloud? If you have an older mainframe app, it's a good idea to run it in a private cloud first and find the environment that best fits the existing mainframe setup.
3. Security posture not appropriate for the cloud
Common cloud security mistakes include not securing storage containers, not properly setting access rights and authentication parameters, and leaving a large number of ports open. Whether you're on-premises or logged in from Timbuktu in Mali, Africa, it's a good idea to maintain a consistent security posture.
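The three mistakes listed above can be checked mechanically before a workload goes live. The following is an added example, not code from the original article; the inventory schema, resource names and the allowed-port policy are hypothetical and constructed for illustration.

```python
import ipaddress

# Constructed inventory in a hypothetical, provider-neutral schema (not a real cloud API).
INVENTORY = {
    "storage": [
        {"name": "hr-exports", "public_read": True},
        {"name": "build-cache", "public_read": False},
    ],
    "firewall_rules": [
        {"name": "web", "source": "0.0.0.0/0", "ports": (443, 443)},
        {"name": "legacy-admin", "source": "0.0.0.0/0", "ports": (1, 65535)},
        {"name": "db", "source": "10.20.0.0/16", "ports": (5432, 5432)},
    ],
    "identities": [
        {"name": "ci-deployer", "mfa": False, "actions": ["*"]},
        {"name": "alice", "mfa": True, "actions": ["storage:read"]},
    ],
}

ALLOWED_PUBLIC_PORTS = {443}  # assumption: only HTTPS may face the internet


def is_world_open(cidr):
    """True when the source range covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(inventory):
    """Return sorted (resource, finding) pairs for the three mistake classes."""
    findings = []
    for s in inventory["storage"]:
        if s["public_read"]:
            findings.append((s["name"], "storage container is publicly readable"))
    for r in inventory["firewall_rules"]:
        lo, hi = r["ports"]
        exposed = set(range(lo, hi + 1)) - ALLOWED_PUBLIC_PORTS
        if is_world_open(r["source"]) and exposed:
            findings.append((r["name"], f"{len(exposed)} port(s) open to the internet"))
    for i in inventory["identities"]:
        if "*" in i["actions"]:
            findings.append((i["name"], "wildcard access rights"))
        if not i["mfa"]:
            findings.append((i["name"], "no multi-factor authentication"))
    return sorted(findings)


if __name__ == "__main__":
    for resource, finding in audit(INVENTORY):
        print(f"{resource}: {finding}")
```

Running the same audit against on-premises and cloud inventories is one way to keep the posture consistent across both.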
It's also a good idea to build security in from the start, before migrating an app to the cloud. Johnson & Johnson, for example, moved most of its workloads to the cloud a few years ago and centralized its security model. There are other things that can help. Netflix recently released an open-source tool called ConsoleMe, which allows you to manage multiple Amazon Web Services (AWS) accounts from a single browser session.
4. Not testing your disaster recovery plan
How long has it been since you last tested your disaster recovery (DR) plan? Probably too long. This is especially likely if you have been busy supporting home workers every day. Just because an app is in the cloud doesn't mean that it doesn't depend on certain elements of the infrastructure, including web and database servers. A good DR plan should document these dependencies, be revised as needed, and describe the most important workflows.
Another important part of your DR plan is continually testing for partial cloud failures, because downtime is always possible. Even the Amazon, Google, and Microsoft clouds sometimes fail. Netflix was the first to popularize chaos engineering a few years ago with a tool called Chaos Monkey, whose goal is to test Netflix's AWS infrastructure by continuously and randomly shutting down various production servers.
You should use these lessons and tools to create your own chaos and test how you handle failure. In particular, use security-related tests that reveal weaknesses in your cloud configuration. The key is to run these tests automatically and continuously so that they reveal bottlenecks and infrastructure flaws. In addition to the open-source tools from Netflix, there are a variety of commercial products you can use, for example Verodin/Mandiant Security Validation (SV), SafeBreach Breach and Attack Simulation (BAS), Cymulate's simulation tools, and the AttackIQ Security Optimization Platform (SOP).
5. Not optimizing authentication for cloud-dominated portfolios
You may have identity and access management, SIEM, CASB, or single sign-on (SSO) tools that were bought when you were on-premises and that aren't best suited to your authentication needs now that you are mostly cloud-based with mostly remote access. You need to take a closer look at these tools, see whether they can cover your cloud environment and your entire application portfolio, and protect your systems accordingly. For example, a CASB is very good at managing access to cloud apps, and it can link with specific in-house custom apps, link with risk-based authentication, and protect against more complex hybrid threats.
6. Outdated Active Directory
In an announcement, Gartner's David Mahdi and Steve Riley said, "Now ID is the new boundary and data is flowing everywhere. You have to give the right people the right access to the right resources for the right reasons, at the right time." There's certainly a lot to get right. In other words, the users, apps, and servers that are currently authenticated in Active Directory (AD) may not reflect reality. What you don't need should be pruned. Having the most accurate information makes the move to the cloud smoother.
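One way to find the AD entries that no longer reflect reality is to review an export of each account's `userAccountControl` and `lastLogonTimestamp` attributes. This is an added example, not code from the original article; the account rows, the review date and the 90-day threshold are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# userAccountControl bit flags as documented for Active Directory.
NORMAL_ACCOUNT, ACCOUNTDISABLE, DONT_EXPIRE_PASSWORD = 0x0200, 0x0002, 0x10000
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

def to_filetime(dt):
    """Encode a datetime as 100 ns ticks since 1601-01-01 UTC (AD's time format)."""
    return int((dt - FILETIME_EPOCH).total_seconds()) * 10_000_000

def from_filetime(ticks):
    """Decode lastLogonTimestamp; 0 means the account has never logged on."""
    return None if ticks == 0 else FILETIME_EPOCH + timedelta(microseconds=ticks // 10)

NOW = utc(2021, 1, 15)  # constructed review date
# Constructed export rows; account names are hypothetical.
ACCOUNTS = [
    {"sam": "jsmith", "uac": NORMAL_ACCOUNT, "last": to_filetime(utc(2021, 1, 10))},
    {"sam": "svc-oldapp", "uac": NORMAL_ACCOUNT | DONT_EXPIRE_PASSWORD,
     "last": to_filetime(utc(2019, 6, 1))},
    {"sam": "contractor7", "uac": NORMAL_ACCOUNT, "last": 0},
    {"sam": "former-emp", "uac": NORMAL_ACCOUNT | ACCOUNTDISABLE,
     "last": to_filetime(utc(2018, 3, 2))},
]

def review(accounts, now, max_idle_days=90):
    """Map account name -> reasons to review it before migration."""
    # lastLogonTimestamp replicates with a lag of up to about 14 days by
    # default, so keep max_idle_days well above that.
    report = {}
    for a in accounts:
        reasons = []
        last = from_filetime(a["last"])
        if a["uac"] & ACCOUNTDISABLE:
            reasons.append("disabled but still present")
        elif last is None:
            reasons.append("enabled, never logged on")
        elif now - last > timedelta(days=max_idle_days):
            reasons.append(f"enabled, idle {(now - last).days} days")
        if a["uac"] & DONT_EXPIRE_PASSWORD:
            reasons.append("password never expires")
        if reasons:
            report[a["sam"]] = reasons
    return report
```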
7. Not seeking help
There are many managed security service providers (MSSPs) that specialize in this type of migration, so don't hesitate to ask them for assistance. You may be too busy to pay full attention to the migration process, and important parts can be unintentionally omitted. Or you may have left a few back doors open or introduced vulnerabilities in the rush to the cloud.