Do you know this half-joke, ‘there is no cloud, it’s just someone else’s computer’? Cloud computing is often seen as THE solution, so it is often overlooked that it is only a tool, with its advantages and disadvantages.
The benefits of the cloud are linked, among others, to:
- its ease of use, for example to set up a complex infrastructure, to open and close new instances…
- its low cost: only for what is consumed is charged, and there is no significant initial investment compared to local hosting,
- its performance and reliability: system redundancy is provided for, as is maintenance…
- the security of the hardware is supported.
Indeed, the main cloud hosting providers operate on a shared responsibility model. Providers take care of the physical security of the hosting while you are responsible for what is hosted.
A bit like car manufacturers who have to produce reliable vehicles, but you remain responsible for your driving and for the car maintenance.
As with any tool, there are risks when using the cloud. After discussing some of the risks, we’ll review key cloud security best practices that you can implement.
Cloud Security: What are the Risks?
In this article, we only cover risks related to what you manage when you use the cloud. We therefore don’t include the risks related to web applications that are hosted in the cloud.
Risk of Misconfiguration
Security incidents related to misconfigurations are the most frequent. It refers to situations where resources are left publicly accessible (S3 bucket, ElasticSearch database…). Configuration also covers firewall rules and port management. A risky practice is, for example, to leave administration-related ports (SSH) open.
Risk of data leaks is critical because consequences can be multiple (economic, legal and commercial).
Risks Related to a Larger Attack Surface
One of the consequences of the cloud is a large and frequently changing attack surface. Between the risk of forgetting instances, the multiplication of access points and of users having access to them, the risk of data exposure is increased.
Risk of Data Dispersion
Sometimes several clouds are used in the same company. Data is then spread in several places and may be duplicated. As your teams must secure different clouds, this can lead to overlooking, errors or lack of human resources for cloud management. It is also difficult to obtain complete visibility into the information system infrastructure.
Risk of Non-Compliance
Cloud providers generally provide offers adapted to different legal requirements (GDPR, HSCN hosting…). However, this is an element that you must take into consideration and monitor when configuring instances.
Cloud Security: What are the Best Practices?
These risks can be limited by good practices. Here are a few that we believe to be key for the cloud.
Identity and Access Management
- Control access to resources: who has access to what? It is necessary to apply the principle of least privilege.
- Use an identity and access management tool (IAM). This tool allows you to create user groups where roles and rights are very precisely defined. Depending on cloud providers, predefined roles are provided to build on. A good IAM tool gives visibility on access at a structural level.
- Plan a strong authentication policy for all your users.
Logging and Monitoring
- Centralise the logs and check that they are active.
- Monitor data transits.
- Set up detection of intrusion attempts and of unusual events.
- Plan to archive logs, for as long as you think is appropriate.
- Set up alerts in case of configuration and security changes.
Networking and Computing
- Check the default rules in order to validate, modify or delete them (to restrict access to databases…).
- Segment the network (public/private subnets).
- Encrypt sensitive data storage areas, with your own encryption keys.
- Secure the endpoints through which users will access the cloud.
Finally, from a more global point of view, the growing good practice is Infrastructure as Code. Cloud can in fact be configured via a console. But this poses risks, because there is no trace nor history of changes. It is therefore difficult to identify the configuration problems that are introduced there, for example.
Infrastructure as Code (IaC) consists of coding what the infrastructure is going to look like. IaC allows better version and change management, standardisation of configurations and automation of resource management. Tools have been developed to help IaC, such as Terraform, Ansible, Puppet, Chef…
Code can then be analysed by static code analysis tools, which check for changes and can detect errors (e.g. Chekov), in order to enhance security.
To go further, an architecture review with access to the code can be conducted to analyse your infrastructure in depth. This white box audit allows for example to look for vulnerabilities related to service configuration, poor rights management, etc.