Working remotely is today's new normal, a way to stay safe and maintain business continuity during the COVID-19 pandemic. While shifting to remote work allows organizations to carry on, there is a downside: Remote employees are not protected by security controls that are typically available when working in the enterprise network. Indeed, the probability of stolen credentials, public exposures, and compliance breaches increases significantly when working remotely.
Organizations need an automated mechanism to ensure business continuity, by securing their cloud environment and aligning with cloud security best practices.
Why Is It Harder to Secure Public Cloud Environments These Days?
As more and more employees work from home, the possibility of public cloud breaches increases, due to:
Increased probability of compromised credentials. Home networks are less secure than corporate ones, which can lead to a compromise. For example, there may be multiple devices on any given home network and if one is infected, or the router is insecure, chances of compromised credentials increase. This is compounded by increased internet usage by other family members, who may not adhere to proper security protocols.
Increased probability of exposed assets. Dev and DevOps teams might take shortcuts to allow access to different assets, such as machines and databases, and inadvertently expose them to the internet. Human error plays a large role here; for example, access that was supposed to be granted to an employee’s home network may instead be granted to a much wider network or to the whole internet.
Excessive permissions. Similarly, excessive permissions – which are the #1 cloud threat – can be given to different entities in the cloud, which can cause a larger breach if those credentials are misused by the user or stolen.
Lack of visibility. In light of the massive shift in the way people are now working, it’s more important than ever to gain better visibility into security posture, public exposure, compliance breaches, and misconfigurations.
5 Best Practices for Cloud Security for Remote Workers
Despite these challenges, not all hope is lost. There are several ways in which organizations can help enable remote workers to do their tasks in the cloud – securely:
- Enable multi-factor authentication for users with Console access and for the root user
- Make sure no inactive users remain, and that you follow the principle of least privilege by revoking permissions for users with IAM policies that allow full *:* administrative privileges
- Enable relevant cloud logs (e.g., CloudTrail/Activity logs) in all regions of the account
- Make sure you’re aware of all assets exposed to the public (machines/storage/databases)
- Make sure you’re aware of security groups which allow ingress from 0.0.0.0/0
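Two of the checks above can be run offline against exported configuration. The following is an added example, not part of the original article or of any vendor tool: it flags IAM policy documents that allow full administrative privileges (the article's *:* is read here as Action "*" on Resource "*") and security group rules open to 0.0.0.0/0, and it goes slightly beyond the text by also catching the IPv6 equivalent ::/0. The policy names, group IDs and sample data are constructed, and the JSON shapes are assumed to match IAM policy documents and `aws ec2 describe-security-groups` output.

```python
# Constructed sample data in the JSON shapes of IAM policy documents and
# `aws ec2 describe-security-groups` output; names and IDs are made up.
SAMPLE_POLICIES = {
    "ops-admin": {"Version": "2012-10-17", "Statement": {
        "Effect": "Allow", "Action": "*", "Resource": "*"}},
    "s3-read": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "*"},
        {"Effect": "Deny", "Action": "*", "Resource": "*"}]},
}
SAMPLE_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-constructed-1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-constructed-2", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "203.0.113.7/32"}], "Ipv6Ranges": []}]},
]}

def _as_list(value):
    """IAM JSON allows a bare string or object where a list is also valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def full_admin_policies(policies):
    """Names of policies with an Allow statement for Action * on Resource *."""
    flagged = []
    for name, doc in policies.items():
        for stmt in _as_list(doc.get("Statement")):
            if (stmt.get("Effect") == "Allow"
                    and "*" in _as_list(stmt.get("Action"))
                    and "*" in _as_list(stmt.get("Resource"))):
                flagged.append(name)
                break
    return flagged

def world_open_rules(groups):
    """(GroupId, protocol, from_port, to_port) for rules open to any source."""
    hits = []
    for sg in groups.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
            if "0.0.0.0/0" in cidrs or "::/0" in cidrs:
                hits.append((sg["GroupId"], perm.get("IpProtocol"),
                             perm.get("FromPort"), perm.get("ToPort")))
    return hits

if __name__ == "__main__":
    print(full_admin_policies(SAMPLE_POLICIES), world_open_rules(SAMPLE_GROUPS))
```

The Deny statement in the constructed "s3-read" policy is deliberately not flagged: only Allow statements grant privileges.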
The right cloud protection is critical in these exceptional times. For example, with Radware’s Cloud Workload Protection service, you can get a detailed report that gives you visibility into your cloud configuration and lets you:
- Strengthen your users’ authentication
- Prevent and detect public exposure of different cloud assets
- Reduce attack surface by detecting users and roles with excessive IAM permissions
- Ensure your logging configuration is correct to get better visibility into your public cloud
- Detect network and cloud native attacks
The author is Managing Director-India, SAARC & Middle East at Radware. Views are personal.