The Cybersecurity Minefield of Cloud Entitlements

In the push to the cloud, some organizations may have left themselves open to cybersecurity incidents. Here’s how machine learning and analytics helped one company close the gaps.


Almost as soon as we experienced the pivot to work-from-home and move-to-the-cloud to reduce the economic impact of the pandemic, we also saw what felt like a pickup in major cyberattacks, from the SolarWinds supply chain attack to a raft of ransomware incidents.

How can your organization avoid such attacks? Did moving employees home and more workloads to the cloud actually increase the cyber risk for businesses? David Christensen, who has spent a decade working on cloud security at a number of startups and is now director of Global InfoSec Engineering and Operations for cloud and digital transformation at fintech B2B company WEX, believes that a little-known vulnerability is the cause of many of today’s cloud security issues.

He says the biggest security gap in the cloud today has to do with cloud entitlements. Anything running in the cloud must have some kind of entitlement associated with it for it to interact with other resources — for instance, giving a server permission to access particular storage or giving a server the ability to launch another service.

Humans are often in the position of setting up these entitlements in the cloud.

Christensen said that entitlement misconfigurations can happen when someone reuses a policy from one server for a new server because it includes all the things they need for that new server, and then they just ignore the things they don’t need. But ignoring those other things is a mistake.

“You say ‘I’m just going to use this policy because it looks like it’s going to work for me,’” he said. But then that server inherits access to other resources, too, including access it doesn’t need.
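The reused-policy problem described above, as an added illustration (not code from the article, WEX or Ermetic): a small Python check that flattens an AWS IAM-style policy and lists the grants a new server inherited but never exercised. The policy, bucket names and access records are constructed for the example, and Deny statements and conditions are ignored.

```python
import fnmatch

# Constructed IAM-style policy, originally written for another server
# and reused unchanged for a new one (hypothetical names throughout).
REUSED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::reports-bucket/*"},
        {"Effect": "Allow", "Action": "s3:*",
         "Resource": "arn:aws:s3:::customer-data/*"},
        {"Effect": "Allow", "Action": ["ec2:RunInstances", "iam:PassRole"],
         "Resource": "*"},
    ],
}

# Constructed access records for the NEW server: (action, resource).
OBSERVED = [
    ("s3:GetObject", "arn:aws:s3:::reports-bucket/2021/q1.csv"),
    ("s3:PutObject", "arn:aws:s3:::reports-bucket/2021/q2.csv"),
]

def _as_list(value):
    # IAM allows a single string or a list for Action and Resource.
    return value if isinstance(value, list) else [value]

def grants(policy):
    """Flatten Allow statements into (action_pattern, resource_pattern) pairs."""
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue  # simplification: Deny and Condition are not modelled
        for action in _as_list(stmt["Action"]):
            for resource in _as_list(stmt["Resource"]):
                yield action, resource

def unused_grants(policy, observed):
    """Return grants that no observed call exercised: inherited, unneeded access."""
    unused = []
    for a_pat, r_pat in grants(policy):
        used = any(
            fnmatch.fnmatchcase(action.lower(), a_pat.lower())  # action names are case-insensitive
            and fnmatch.fnmatchcase(resource, r_pat)
            for action, resource in observed
        )
        if not used:
            unused.append((a_pat, r_pat))
    return unused

if __name__ == "__main__":
    for action, resource in unused_grants(REUSED_POLICY, OBSERVED):
        print(f"never used: {action} on {resource}")
```
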

An accelerated move to the cloud can make things worse.

“As a human being we can’t process all those actions in such a short period of time to determine whether or not approval of a policy is going to lead to a future security incident,” Christensen said. “It’s what I keep describing as the Achilles heel of cloud security. It’s like a matrix of if this then that, and most people who have to define that can’t do it fast enough… When the business is trying to move fast, sometimes you just have to say, ‘well, I don’t think that this is bad, but I can’t guarantee it.’”

The need to manage cloud entitlements has led to a new category of software called cloud infrastructure entitlements management, or CIEM. Gartner defines entitlement management as “technology that grants, resolves, enforces, revokes, and administers fine-grained access entitlements (also referred to as ‘authorizations,’ ‘privileges,’ ‘access rights,’ ‘permissions’ and/or ‘rules’).”

Gartner predicts that by 2023, 75% of cloud security failures will result from inadequate management of identities, access, and privileges. That’s an increase from 2020, when the number was 50%.

The accelerated move that many organizations have made to the cloud has made security failures more likely, according to Christensen. Some organizations may have tried to apply to the cloud the same security measures that they used on-premises.

“It creates a lot of gaps,” Christensen said. “The surface area is different in the cloud.”

Christensen found some security gaps when he joined WEX 2 years ago as an expert in cloud security. The company, which provides fleet card and B2B card services, had embarked on a cloud-first journey about a year before he joined.

To get a better idea of the extent of these issues at WEX, in January 2021 Christensen deployed an analytics-based discovery, monitoring, and remediation tool from Ermetic. Within the first 30 days of putting the platform into production, WEX found almost 1,000 issues, and it was able to close those gaps in its cloud security. By early July the platform had found a total of nearly 3,000 issues to fix.

“Again, the cause of these wasn’t a lack of effort to try to build those least-privilege policies,” Christensen said. “People thought they were following the right procedures as advised by Amazon, and as advised by peers in the industry.”

But the scale of cloud entitlements had made it close to impossible for humans to manage on their own. It’s the kind of use case where analytics and machine learning can help close the gap.

For WEX, the application has led to a better security posture for its cloud-first strategy. At a time when attackers are everywhere, that’s so important.

“Ultimately, there are two or three things an attacker is trying to do — get at your data, disrupt your business, or give you a bad reputation,” Christensen said.



Jessica Davis is a Senior Editor at InformationWeek. She covers enterprise IT management, careers, artificial intelligence, information and analytics, and enterprise software. She has spent a career covering the intersection of business and technology. Follow her on Twitter: …
