Misconfiguration of the Cloud leads to Data Breaches
You’re speed walking (… jogging isn’t a good idea in the drizzle) up Collins Street towards Parliament station. Quickly you descend underground, heading across the dimly lit concourse towards the Myki ticket gate. You tap your Myki on the reader, and it fails.
“Why does this always happen when you’re already late home?”
You turn to the side and notice everyone is having the same issue. Someone has made a human error, and Myki rejects all valid tickets.
It’s like when your business misconfigures security settings across your IT network – sometimes, it’s human error.
And when planning cybersecurity strategies, many businesses need to learn how to configure their cloud solutions. Cloud apps are relatively quick and easy to join, so many users assume they don’t need to consider cloud security as they believe the app has handled it.
Now, the absolute truth is that cloud security is a shared model. The cloud provider handles securing the infrastructure backend. But the user’s responsibility is correctly configuring their account’s security settings.
Misconfiguration is a huge issue and the leading cause of cloud data breaches. Put simply, misconfiguration means that a company has made a mistake by not adequately securing its cloud application.
Perhaps they gave too many employees administrative privileges. Or, they may need to turn on a security function that prevents downloading of cloud files by an unauthorised user.
For example, misconfiguration covers much negligent behaviour related to cloud security settings and practices.
45% of companies experience between one and fifty cloud misconfigurations per day, according to a recent study (The State of Cloud Security 2021) – showing just how common it is.
Here are the leading causes of misconfiguration identified:
- Lack of adequate controls and oversights
- Employees and teams have poor security awareness
- Having a significant number of cloud APIs to manage
- Inadequate monitoring of the cloud environment
- Negligent insider behaviour
- Insufficient expertise in cloud security
Use the tips below to reduce your risk of a cloud data breach and improve cloud security.
1. Do you know what cloud apps your employees use?
Probably not. And you’re not alone. Studies estimate that shadow IT use is approximately 10x the size of known cloud use. Shadow IT is when an employee uses a cloud app without authorisation. In other words, this is due to the employee using an unauthorised app without the oversight or approval of the company’s IT team.
That’s why when employees use unauthorised cloud applications, you’re unaware of the threat to your business. And naturally, it’s impossible to guard against these threats, leading to data breaches due to misconfiguration.
You can easily protect your business with a cloud access security application. And allows you to gain visibility into your entire cloud environment, so you know what to watch.
2. Secure and limit privileged accounts
You should have very few users who can change security configurations. As you increase the risk of misconfiguration with the more privileged accounts. Imagine you have an inexperienced user with a privileged account who accidentally opens a vulnerability like removing a cloud storage sharing restriction. This vulnerability could expose your entire environment and become a target for cybercriminals.
To protect yourself, regularly audit privileged accounts in all cloud tools. And then reduce the number of administrative accounts to the least needed to operate.
3. Introduce automated security policies
Automation helps mitigate human error. In addition, automating as many security policies as possible helps prevent cloud security breaches.
For example, if you use a feature like sensitivity labels in Microsoft 365, you can set a “do not copy” policy. It will follow the file through each supported cloud application. Users don’t need to do anything to enable it once you put the policy in place.
4. Microsoft Secure Score can help you audit your cloud security
How secure is your cloud environment? It’s concerning to think how many misconfigurations may be risking your network. However, knowing this information is essential to correct issues and reduce business risk.
Microsoft Secure Score is one tool to help you reduce risk. A security audit tool can help scan your cloud environment and let you know where problems exist. Regardless if you choose to use Microsoft Secure Score or another provider, they must be able to recommend actions you can take to remediate any issues identified.
5. Establish alerts to monitor for configuration changes
Whilst it would be great to think “once and done”, your cloud security settings are now correct, and you won’t need to make any changes. Well, that would be a mistake. Several things can cause a change in a security setting without you realising it.
Events and things you need to be aware of include:
- An employee with elevated permissions inadvertently alters them
- An integrated 3rd party plug-in makes a change
- Software updates and patches
- A cybercriminal has compromised a privileged user credential
You can avert these issues by proactively setting up alerts to monitor any significant change in your cloud environment. For example, the setting to force multi-factor authentication (MFA) gets switched off. With the alert set up, your IT team knows immediately when a change occurs to a critical security setting. This enables them to take immediate steps to research and resolve the issue.
Need to improve your cloud security?
No one expects business owners, executives or office managers to be cybersecurity experts. Or have the time or knowledge to configure the best IT security for their company.
When you invest and partner with a trusted IT-managed service provider, they have a team of cloud specialists to support you.
With most work done in the cloud and companies storing massive amounts of data online, the risk can of a breach be minimised.
Contact us today to help you mitigate the risk of misconfiguration and protect your business with a cloud security assessment.
About the author
Yener is the founder and Managing Director of Intuitive IT. Prior to running his own business Yener worked for a number of corporate organisations where he gained invaluable experience and skills, as well as an understanding of how IT can complement and improve business outcomes.