Five Steps For Reducing Your Company’s Cloud Attack Surface written by Puneet Gupta, Executive Director and Country Head – India, Virsec at VIRSEC where he talks about how today’s network perimeters are growing at a rapid rate and require multi-layered, strategic protection.
The unique challenges of the pandemic propelled many organizations towards digital transformation. In turn, the global business landscape has witnessed mainstream migration to the cloud.
But as more organizations scale to meet the demands of a hybrid workforce model, more cloud services inherently increase the attack surface. A study by McAfee found almost 3.1 million external attacks on cloud user accounts throughout 2020.
As attack opportunities proliferate, it’s vital that companies minimize external exposure to their cloud environments. Let’s take Amazon Web Services (AWS), the leader in cloud infrastructure services, as an example.
When the public cloud emerged, it reimagined how businesses deployed infrastructure and forced companies to rethink security for this highly dynamic environment. Cloud native security solutions, such as security groups and network access control lists (NACLs), offer an immediate level of protection at no cost and with nothing to deploy.
5 ways to protect your attack surface
While cloud-native tools are imperative for network protection, it’s also vital to employ security best practices. Here are five steps to reduce your cloud attack surface.
1. Deploy sufficient network segmentation and security. Establish security zones in each of your environments and allow traffic through the firewall for only what is needed and scoped. At a minimum, have a separate virtual private cloud for each application and environment, but also consider assigning each application environment (development, staging, and production) its own cloud account.
2. Take advantage of the principle of least privilege. Assign access and resources with purpose. For instance, a developer just deploying code should not have administrative rights across the entire cloud account. Nor should a developer have continuous access to a production environment. Give them exactly what they need and nothing more. There are tools available to help scope accounts and users appropriately.
3. Minimize the install base on computer resources. Install what you need, remove what you don’t. For example, with containers, only install the packages and libraries that your application needs to run. Anything superfluous an attacker can use against you.
4. Patch software to fix vulnerabilities. Patching is essential but it doesn’t address every vulnerability. It is dependent on the vulnerability having been seen in the wild; if you have a version of software that has a zero-day threat, it does nothing for you. And, once a patch is published, it’s a race against time to patch it before an attacker has an opportunity to find and exploit that vulnerability in a system.
5. Stop attacker-influenced code with runtime protection. True runtime protection acts as a safety net. It enforces what your application should be doing and stops what it shouldn’t be doing in real-time – before an attack happens. Adversaries are blocked before they can exploit a software vulnerability, known or unknown, or take advantage of misconfigurations, outdated security policies, improperly scoped access rights, and insufficient identity or credential management. Dwell time is non-existent, so threat actors never have a chance to install malware or exfiltrate data. And you gain air cover and time to make updates, while still being protected.
While today’s attack surface is expanding at an unprecedented rate, taking the right precautionary steps will considerably mitigate risk and protect your business.
Read More News: https://www.enterpriseitworld.com/news/ I Watch CIOtv: https://ciotv.live/ I Read IT Partner News: https://www.smechannels.com/
