Deployment During the Pandemic

Deployment During the Pandemic

Securing cloud services, adoption has been growing steadily

Prior to the COVID-19 pandemic, the rate of cloud adoption was growing steadily. Since March, however, when “shelter-in-place” orders began sweeping the nation, we’ve seen cloud computing usage skyrocket.

The Global Growth Rate
According to recent research from Marketc and Markets, “the global impact of COVID-19 on cloud market size is expected to grow from $233 billion in 2019 to $295 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 12.5 percent during the forecast period.”

The exponential uptick in cloud services is due to widespread “work-at-home” requirements, which hit the business world practically overnight. For organizations where employees already used work-issued laptops and IT teams incorporated virtual machines and cloud services into upgraded infrastructure, moving to a fully remote workforce was a relatively seamless transition. But, this wasn’t the experience for the majority of companies. Quite the contrary, as a matter of fact.

Many employees use desktop computers rather than laptops, so many companies were faced with a decision: Send employees home with their desktop machines, or allow them to use personal devices to log in to corporate networks and applications hosted in the cloud. With the latter being the only logical option for many companies, organizations were forced to fast-track long-term cloud projects. In fact, a May 2020 global survey conducted by MariaDB, found that 40 percent of respondents are accelerating their move to the cloud due to COVID-19.

IT teams worked tirelessly to roll out cloud services as quickly as possible to get the business up and running remotely. Cloud projects that would typically take months to complete were executed in a matter of days or weeks. And, as is so often the case with hurried technology deployments, the quest for “instant uptime” relegated security to an afterthought.

Let the Security Evaluations Begin
Now that we’re a few months into the work-at-home movement and most hiccups in remote business operations have been ironed out, IT security teams will spend Q3 and Q4 evaluating the security of the cloud services they so hurriedly deployed earlier this year. And this is an important exercise to complete, especially as hackers continue to target remote employees and businesses prepare for a potential second wave of COVID-19 that could keep the majority of employees at home through year’s end and beyond.

While the cloud is easy to consume from an end user perspective, cloud security can be complex to manage. In an effort to simplify things, here are five areas to prioritize in your cloud security evaluations.

Understand the shared responsibility model. One of the most common misperceptions about the cloud is that security is owned solely by the cloud service provider (CSP). This simply isn’t the case. Security of the cloud and security in the cloud are two very different things.

While the CSP is certainly accountable for some aspects of security, cloud users have responsibilities, too. And these responsibilities vary depending on the cloud service model in use – Software as a Service, Platform as a Service or Infrastructure as a Service.

The first step to properly evaluating the security of your cloud applications and services is to determine exactly what you are responsible for securing, and what your CSP should handle. With that baseline understanding, you can then focus your time, effort and budget on the appropriate aspects of cloud security.

Refine access privileges. In the rush to the work-at-home reality, many IT teams rolled out broad access privileges to employees – but this isn’t a secure approach. Giving employees access to corporate data, networks and systems beyond what they need to perform their job responsibilities increases the risk of insider threats and compliance violations.

To mitigate risks associated with excessive privileges, refine access controls based on user responsibilities and adopt a least-privileged-access strategy, which gives employees only the access they need to successfully perform their jobs – and nothing more.

Remediate misconfigurations. Cloud misconfigurations remain one of the top causes of data breaches. According to a June 2020 IDC survey of 300 CISOs, misconfigurations topped the list of concerns related to cloud production environments.

But how do you know if misconfigurations exist within your environment? Rely on scanning tools, which can analyze your environment to identify misconfigurations (open buckets or unencrypted data, for example) and provide the associated level of criticality – in other words, how the misconfiguration could impact security or compliance.

Once you have this visibility into your environment – such as an accurate understanding of the misconfigurations that exist and the level of risk it poses to your business – you can take the proper steps to remediate the errors and reduce associated security and compliance risks.

To put it simply, you have to understand the current state of your infrastructure to successfully build the future state.

Adopt automation. To keep up with the dynamic nature of the cloud, you need automation. Cloud capabilities, features and solution sets change so fast that managing security manually is extremely difficult, if not impossible.

Automating the security lifecycle – from programming, to threat detection, to remediation – builds security policies and guardrails into cloud systems, processes and technologies from the start. Not only does this “security by design” strategy strengthen your overall security posture, it also enables policies and guardrails to automatically adapt alongside cloud evolutions.

And, as an added bonus, with automation, you can unite all previously siloed business stakeholders (e.g., security, business, compliance, DevOps and finance teams) under a consistent security strategy, so everyone is working toward a common security goal.

Implement analytics. Over the past five years, organizations have spent a good deal of IT resources and budget on SIEM tools. And, when paired with analytics solutions, SIEM technology provides valuable security data that IT teams can use to quickly detect and remediate threats.

What we’re seeing today, however, is that many IT teams are collecting event logs issued into their SIEM and other security point solutions, but they don’t have analytics tools in place to turn the raw data into meaningful insights.

All SIEM data (e.g., cloud event logs) should be centralized. From there, you can enrich the data based on parameters, build data models, and work on getting full visibility and observability, as well as build data vulnerability management programs, and fraud, security or compliance use cases. For example, you might want to mine payer data for payment fraud, isolate social media chatter to detect potential threats, or search for exposed customer data that would result in a compliance violation.

Without the analytics piece, SIEM data provides little value with high noise. When the two technologies work in concert, however, you can significantly enhance your security and compliance posture in the cloud and across all IT environments.

Cloud security can be a daunting concept, but breaking it down into various initiatives that you can tackle one at a time based on criticality can help kickstart the process and make it more manageable.

With businesses over the initial shock of “instant work-from-home,” now is the time to evaluate and strengthen your cloud security. That way, if a second wave of COVID-19 forces another widespread work-at-home mandate, you can rest assured that employees will not only be up and running, but up and running securely. And, more importantly, you’ll have an iron-clad security strategy to protect your employees, your data and your business, regardless of what’s happening in the world around you.

Joe Vadakkan is the global cloud security leader at Optiv Security.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Survey: Only 13 Percent of Research Institutions Are Prepared for AI

    A new survey commissioned by SHI International and Dell Technologies underscores the transformative potential of artificial intelligence (AI) while exposing significant gaps in preparedness at many research institutions. Read Now

  • Survey: 70 Percent of Organizations Have Established Dedicated SaaS Security Teams

    Seventy percent of organizations have prioritized investment in SaaS security, establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions. This was a key finding in the fourth Annual SaaS Security Survey Report: 2025 CISO Plans and Priorities released today by the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Mobile Applications Are Empowering Security Personnel

    From real-time surveillance and access control management to remote monitoring and communications, a new generation of mobile applications is empowering security personnel to protect people and places. Mobile applications for physical security systems are emerging as indispensable tools to enhance safety. They also offer many features that are reshaping how modern security professionals approach their work. Read Now

Featured Cybersecurity

Webinars

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3