How secure is the Cloud? (part three)
Following on from our past two articles on Cloud security, if we’re satisfied that Cloud Data Centres have all of the appropriate physical security controls and provide the necessary levels of redundancy, then we move our focus to the layers above physical controls, that is, securing the systems being hosted by the Cloud providers. This is where each organisation - as a ‘tenant’ using shared infrastructure - needs to ensure the appropriate security controls are in place. The details of “How to” secure your Cloud environment are the subject of a separate article (keep an eye out for it), but at a high level, the design should be based on Information Security best practices and be appropriate for the level of risk the organisation is prepared to manage.
The architecture should address the following high level security design elements:
Perimeter – Ensure the perimeter of the organisation’s Cloud tenancy is secure and the breach threat has been mitigated by using a secured, monitored, multi-layered Network architecture.
Connection – Once the perimeter both in the Cloud and on-premise is secure, it’s important to ensure the connection between the two environments is a secure private connection that acts as an extension of the existing corporate network. The connection should not introduce any vulnerabilities, should ensure the confidentiality and integrity of data transferred, and should be secured using Multi Factor Authentication.
Hands off servers – Continuous integration and automated deployment of infrastructure will reduce many security threats associated with manual deployments. Managing the infrastructure using SDLC aligned approaches not only provides the opportunity to reduce errors and improve efficiency, but also improves the level of security ‘baked’ into the systems. The automated infrastructure buildout should perform all of the necessary security hardening and include the various third-party product agents. Enforcing infrastructure-as-code management methods will prevent configuration drift between environments and accidental regressions, and will reduce internal threats.
Preventative threat management – Intrusion Detection and Prevention, log aggregation analysis and taking corrective action should all be built into your organisation’s Cloud platform environment. In a typical on-premise architecture, IDS is positioned at the perimeter of the enterprise network (which is also the case for Cloud environments). However, there are also preventative threat management controls that should be implemented within the Virtual Private Cloud environment. It is important to automatically monitor and detect configuration changes. Any unauthorised changes made to the accepted security hardened configuration state should be automatically reverted. This can be achieved using a combination of built-in Cloud controls and third party products. Another complementary method of intrusion detection and prevention in the Cloud is to configure billing thresholds and automated billing alerts. The alerts can be set based on the anticipated consumption at daily and weekly intervals. The threshold breach can trigger pre-configured automated actions.
Vulnerability management – proactive vulnerability scanning should be embedded into the build and release process to verify that new vulnerabilities are not being introduced with each build and that the environment remains consistent with the accepted standards. The vulnerability scanning should also continually monitor for vulnerabilities potentially introduced outside of the build and release process. The periodic automated scanning of environments should be integrated with the organisation’s vulnerability management and assessment processes.
Built-in security hardening – the hardening of the instances and environment should be ‘baked’ into the automated build and deployment processes for infrastructure and applications, and should align with industry-accepted hardening standards such as CIS or NIST 800-123. Security patches should be part of the base image hardening process and be deployed using completely automated processes aligned with the organisation’s patching lifecycle policy. Continual automatic verification of whether running instances have been hardened correctly should be built into the environment.
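The detect-and-revert control described under preventative threat management, and the continual verification described under built-in hardening, can be sketched as a comparison between the accepted baseline held in version control and the state observed in the tenancy. This is an added example, not code from the article: the group names, rules and the `plan_revert` helper are constructed for illustration, and no real Cloud provider API is called.

```python
# Added example: every name, rule and value here is constructed for illustration.
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    direction: str  # "ingress" or "egress"
    protocol: str
    port: int
    cidr: str

# Accepted, security-hardened state, as it would be stored with the infrastructure code.
BASELINE = {
    "web-tier": {Rule("ingress", "tcp", 443, "0.0.0.0/0"),
                 Rule("egress", "tcp", 5432, "10.0.2.0/24")},
    "db-tier": {Rule("ingress", "tcp", 5432, "10.0.1.0/24")},
}

# Constructed snapshot of the running environment after unauthorised manual changes.
OBSERVED = {
    "web-tier": {Rule("ingress", "tcp", 443, "0.0.0.0/0"),
                 Rule("egress", "tcp", 5432, "10.0.2.0/24"),
                 Rule("ingress", "tcp", 22, "0.0.0.0/0")},     # SSH opened to the internet
    "db-tier": {Rule("ingress", "tcp", 5432, "0.0.0.0/0")},    # source range widened
    "temp-debug": {Rule("ingress", "tcp", 3389, "0.0.0.0/0")}, # group not in the baseline
}

def plan_revert(baseline, observed):
    """Return ordered (action, group, rule) tuples that restore the baseline."""
    actions: list[tuple[str, str, Optional[Rule]]] = []
    for group in sorted(set(baseline) | set(observed)):
        if group not in baseline:
            # Anything created outside the automated build is treated as drift.
            actions.append(("delete_group", group, None))
            continue
        want = baseline[group]
        have = observed.get(group, set())
        for rule in sorted(have - want):   # rules added outside the pipeline
            actions.append(("revoke", group, rule))
        for rule in sorted(want - have):   # hardened rules that were removed
            actions.append(("restore", group, rule))
    return actions

if __name__ == "__main__":
    for action, group, rule in plan_revert(BASELINE, OBSERVED):
        print(action, group, rule)
```

In a real tenancy the observed snapshot would come from the provider's configuration inventory, and each planned action would be logged and alerted on as well as applied.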
Whether your organisation uses an on-premise or Cloud-based environment, taking a risk-based approach to investing in threat management is the best way to ensure the time and effort expended on a solution aligns with the accepted risk profile of the particular threat. Given the in-built security controls available in the Cloud platforms and the additional security technology available via the AWS and Azure marketplaces, it’s a lot easier and more financially viable to create a strong security posture using a Cloud architecture.
So, back to the original question we posed in our first article: How secure is the Cloud? The answer is YES - given all of the additional security controls available as either built-in controls or as consumable third party services. However, be mindful that you don’t get the level of security needed for most organisations by using an out of the box IaaS without investing some effort into configuration and customisation.