Staying Safe in Times of Cyber Uncertainty

What is a Cloud Security Misconfiguration?

Applications can have intrinsic vulnerabilities to attack due to vulnerable code patterns such as SQL injection or cross-site scripting (XSS). However, even applications without these common vulnerabilities can be vulnerable if they are incorrectly deployed and configured. According to OWASP, approximately 4.5% of applications are configured or deployed in a way that makes them vulnerable to attack.

While this is true of applications in general, cloud-based applications are especially vulnerable to security misconfigurations. In a recent cloud security survey, over a quarter (27%) of respondents experienced a public cloud security incident. Of these, 23% were caused by misconfigurations, which is far more than other common cloud security issues. This also represented a 10% increase from the previous year.

Cloud security misconfigurations are expected to be a major problem for years to come. According to Gartner, 99% of cloud security failures through 2025 will be the customer’s fault, and these are oftendue to security misconfigurations. The ability to rapidly prevent, detect and correct security misconfigurations is essential to an enterprise cloud security strategy.

Learn More Request A Demo

Common Causes of Cloud Security Misconfigurations

Under the shared responsibility model of cloud security, cloud customers are responsible for securing their own cloud-based resources. However, manyorganizations struggle to secure their cloud-based infrastructure. 

Some of the common causes of these security misconfigurations that place companies at risk include:

  • Multi-Cloud Complexity: Most organizations have multi-cloud deployments spanning platforms from several different cloud providers. Since each of these platforms has its own array of security settings, it can be difficult to properly configure and monitor these settings across environments. Additionally, any lack of consistency between the various security settings will increase the risk to the organization. 
  • Unchanged Defaults: When deploying new applications or expanding to new cloud environments, an organization’s new cloud infrastructure comes with default values for its security configuration settings. If these settings are not secure by default, a failure to reconfigure these settings can leave the organization vulnerable.
  • Unsecure DevOps: Agility is one of the main selling points of cloud infrastructure. In an attempt to rapidly deploy new functionality, administrators may set up “temporary” security configurations during testing. If these configurations are not changed after release, they place the organization at risk.
  • Skills Gaps: Many organizations have only recently transitioned to the cloud and have adopted complex, multi-cloud environments. Securing these environments requires in-depth experience with the security settings of each platform, which can be difficult to acquire due to the existing cybersecurity skills gap.
  • Shadow IT: Cloud platforms are designed to be user-friendly, and it is easy to spin up applications, data storage, and other cloud services. As a result, employees may deploy cloud assets without appropriate authorization and properly-configured security controls.

Examples of Cloud Security Misconfigurations

Various security misconfigurations can exist in corporate cloud environments. Some of the most common examples of cloud security misconfigurations include:

  • Default Accounts and Passwords: The default accounts and passwords used by various applications and services are publicly known. Failing to disable default accounts or change their passwords can leave cloud infrastructure vulnerable to credential stuffing attacks.
  • Publicly-Accessible Assets: Many cloud platforms allow files, folders, etc. to be shared using publicly accessible links. This link sharing allows anyone who knows or guesses the link to access potentially sensitive corporate data.
  • Excessive Access: Users and applications are often granted unnecessary access and permissions in cloud environments. This excessive access increases the probability and impact of a security incident caused by compromised credentials, misused permissions, or employee negligence.
  • Unnecessary Features: Cloud services, cloud-based applications and cloud environments may come with unnecessary features. Failing to disable features that the organization does not use expands the digital attack surface.
  • Unencrypted Storage: Cloud data storage is increasing, meaning that large volumes of data are stored on third-party platforms that are often shared with other cloud customers. If this data is stored unencrypted, it may be accessible to unauthorized users.
  • Missing Updates and Patches: While the cloud provider maintains the underlying infrastructure, the cloud customer is responsible for applying updates to their applications and the underlying software components. Failure to do so could leave applications exposed to the exploitation of unpatched vulnerabilities.

How to Prevent Cloud Security Misconfigurations with CloudGuard

Configuration management can be complex in cloud environments. The nature of cloud architecture and the shared responsibility model of cloud security can make it difficult to achieve in-depth visibility into an organization’s cloud infrastructure. Cloud customers lack access to and complete control over their underlying infrastructure, and, without this access, some traditional security solutions are not usable in the cloud.

The complexity of multi-cloud environments amplifies the challenge of configuration management as companies must properly configure multiple vendor-specific security settings. Lean security teams may struggle to keep up with rapidly-evolving cloud deployments.

These cloud security misconfigurations are a significant threat to cloud security but are not the only cloud security risk that companies face. You’re welcome to learn more about the state of cloud security in Check Point’s 2022 Cloud Security Report.

Automated Cloud Security Posture Management  is the only way to effectively and scalably manage security configurations in rapidly-expanding multi-cloud environments. To see how Check Point CloudGuard can help to minimize the risk of cloud security misconfigurations in your organization’s cloud deployments, sign up for a free demo.

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK