Misconfigured Cloud infrastructure as an area of significant concern for cybersecurity in the region and an area often overlooked by organisations. This has potentially dire consequences with organisations adopting a Work From Home (WFH) approach due to the COVID-19 pandemic, a development which has accelerated the move to cloud.
Observation derived through Horangi’s analysis of just over 1 million configurations of cloud infrastructure identified approximately 265,000 misconfigurations, 25% of the total number evaluated, could be leveraged by threat actors as attack vectors. These misconfigurations commonly include unrestricted outbound access as well as access to network ports that could be used to gain unauthorised entry into an organisation’s network.
The analysis also included other cloud related vulnerabilities that could collectively impact the overall security risk posture of an organisation, these being:
- Identity and Access Management (IAM)
- 88% of organisations possessed unused IAM credentials while 63% of organisations had inactive users still registered in their database, raising risks of unauthorised access when credentials fall into the wrong hands
- 56% of organisations had users without Multi-Factor Authentication (MFA) in their cloud systems, elevating risks related to identity compromise from brute force attacks or phishing
- 97% of organisations had permissions attached to users directly; as a best practice, organisations should assign permissions at a group level to streamline access management, and to avoid accidentally granting individuals higher privileges than intended
- Network Access Control
- 84% of organisations allowed unrestricted access to network ports that bad actors could leverage to launch attacks or to gain unauthorised access to the organisation
- Audit Logging
- 78% of organisations had gaps in their ability to audit changes to their infrastructure, causing them to be lacking in full visibility across their entire cloud environment and limiting forensic investigation of breaches, while 91% of organisations also see gaps in their monitoring of sensitive changes
“In the new reality, IT leaders will need to re-focus efforts and investment on remote work security policies, access control, identity and access management, privileged access management, security awareness training, endpoint protection, data loss prevention, and supply chain risk concerns to mitigate breaches and attacks. Solutions such as Cloud Security Posture Management (CSPM) applications can enable the proactive identification and remediation of vulnerabilities, helping to improve organisational risk postures for the region’s increasingly cloud-first organisations,” said Paul Hadjy, CEO and Co-Founder at Horangi, as the company updates Warden with real-time threat detection capabilities.
There are two categories of services available to end-users in ensuring application-level cloud security. Native Cloud Security offered by Cloud Service Providers (CSP) such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) within their existing infrastructure, and Third-Party Security, which are out-of-the-box solutions offered by non-CSPs that aim to address the shortfalls of the former.
“While Native Cloud Security tools may be sufficient for businesses with a single cloud environment, third party options may be a more viable option for organisations that need to manage large or critical cloud workloads, and have multiple cloud service accounts,” added Hadjy. “Third-Party Cloud Security can value-add to internet businesses in complex and highly regulated industries such as finance, healthcare, services and government, while being fully supported operationally to scale flexibly according to business needs and developments.”
Horangi has recently been accredited by the Infocomm Media Development Authority of Singapore (IMDA) in its Accreditation@SG Digital programme managed in collaboration with the Cyber Security Agency of Singapore (CSA). This forms part of the city state’s vision to improve the quality of Singapore’s SME cybersecurity landscape, with Horangi positioned alongside other qualified contenders to government and large enterprise buyers wishing to boost their digital security capabilities.
For an in-depth analysis of the competitive advantages provided by Third-Party over Native Cloud Security solutions, download Horangi’s Whitepaper ‘The Hitchhiker’s Guide to Cloud Security’.