Visibility, configuration and credentials: three keys to hybrid security
24 May 2018
Hybrid cloud infrastructures bring together various aspects of data, applications, platforms and configurations, which naturally cause concern around complexity.
Amid all of this, security must be uppermost, as the sheer scale of cloud could be used against the organisation.
Visibility across platforms is critical, to make sure you know what data, apps, and workloads are in the public cloud, private clouds, and on premises, along with who has access to what. That is the only way to make policies that are consistent for any process.
A good way to gain hybrid cloud visibility is with a cloud access security broker (CASB). Gartner predicts 60% of large companies will use CASB services by 2020. CASBs offer visibility into cloud usage and the people who access the data. They offer data security through policies and sometimes encryption key management. Some also offer threat protection and compliance tracking services.
Another strategy to ensure security across hybrid cloud implementations is to lock down access. It is critical to closely manage who has proper access credentials. The security firm RedLock reported an instance in which hackers found poorly secured access credentials and breached a Tesla cloud to run cryptocurrency-mining software. The hackers infiltrated Tesla’s Kubernetes console – which wasn’t password protected – and then found access credentials to Tesla’s AWS cloud containing an S3 storage bucket.
To avoid a similar problem, RedLock advised that companies employ configuration monitoring. In a shared-responsibility model, this work can be done by the cloud vendor or the customer, but each party needs to check the other. If your company allows DevOps teams to deploy apps to production without security oversight, then make sure you have tools in place to automatically discover new resources (and apps) as soon as they are created.
Similarly, organisations must double-check configurations. The biggest security risks are usually around configuration management. The basic question to ask is: should server X be open to the Internet? That sounds simple enough, but confirming configurations across all hybrid cloud deployments can reveal servers that are directly exposed and perhaps in need of intrusion detection. Also ask: are the servers configurable and up to date for patching?
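The two checks described above (discovering resources as soon as they appear, and asking whether a server should be open to the Internet) can be run against a merged inventory. This is an added example, not part of the original article or any vendor's tooling; the inventory format, resource names and approved-exposure list are constructed assumptions.

```python
import ipaddress

# Constructed sample data: resource ids from the previous inventory snapshot,
# and the exposures the security team has signed off (resource id, port).
BASELINE_IDS = {"aws:web-1", "onprem:db-1"}
APPROVED_PUBLIC = {("aws:web-1", 443)}

# Constructed current inventory merged from public cloud, private cloud and
# on-premises sources. "ingress" holds (source CIDR, port) pairs.
CURRENT = [
    {"id": "aws:web-1", "ingress": [("0.0.0.0/0", 443)], "admin_auth": True},
    {"id": "onprem:db-1", "ingress": [("10.0.0.0/8", 5432)], "admin_auth": True},
    {"id": "azure:k8s-console", "ingress": [("0.0.0.0/0", 8443)], "admin_auth": False},
    {"id": "private:build-7", "ingress": [("::/0", 22), ("192.168.0.0/16", 8080)],
     "admin_auth": True},
]

def world_open(cidr):
    """True when the source range is the entire IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(current, baseline_ids, approved):
    """Return (resource id, finding type, detail) tuples for review."""
    findings = []
    for res in current:
        rid = res["id"]
        # Resource created since the last snapshot: nobody has reviewed it yet.
        if rid not in baseline_ids:
            findings.append((rid, "NEW_RESOURCE", "not in previous inventory"))
        # "Should server X be open to the Internet?" Only if it was approved.
        for cidr, port in res["ingress"]:
            if world_open(cidr) and (rid, port) not in approved:
                findings.append((rid, "UNAPPROVED_EXPOSURE", f"port {port} open to {cidr}"))
        # Management interface reachable without authentication.
        if not res["admin_auth"]:
            findings.append((rid, "NO_ADMIN_AUTH", "management interface has no authentication"))
    return findings

if __name__ == "__main__":
    for rid, kind, detail in audit(CURRENT, BASELINE_IDS, APPROVED_PUBLIC):
        print(f"{kind:20} {rid:20} {detail}")
```

Only ranges covering the whole address space count as Internet-open here; a stricter policy could also flag any broad non-private range.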
To address these and other aspects of hybrid cloud security, TechFire, in association with Trend Micro, will explore how to ensure that weaknesses in security are not amplified by the power of the cloud.
Paying particular attention to shared responsibility with cloud providers, such as Microsoft Azure, and what remains the responsibility of the cloud owner, this event will provide insights and practical advice to ensure that cloud does not become a vulnerability in your enterprise security. Attendees will hear how leveraging security automation can secure cloud while enabling technologies such as IoT, with scalable and elastic services.
The event takes place on 30 May from 08:00 at the Aviva Stadium, Dublin. It is free, but registration is required.