This post originally appeared on The New Stack and is re-published here with permission.
In our technology-driven business climate, most companies run at least some, if not all, of their workloads in the cloud. Unlike on-premises networks, these environments have no hard outer perimeter and no quiet hours: their control planes and public endpoints are reachable from the internet around the clock. That is convenient for your teams, but it also means attackers can probe them at any time. So any weakness in how these environments are set up, such as a cloud misconfiguration, can leave your organization exposed.
In this article, we examine the different types of cloud misconfiguration and why they occur. Then we explore what your team can do to prevent misconfigurations and ensure the safety of your data and your business interests.
What is cloud misconfiguration?
According to the NSA (in its 2020 guidance, Mitigating Cloud Vulnerabilities), misconfiguration is the most common cloud security vulnerability. Cloud misconfigurations occur when resources have not been configured properly, leaving your systems open to attack.
Cloud misconfigurations can cause outages, data exposure, or other security incidents. Common causes include overly complex environments, insufficient knowledge of security practices, and human error in manual processes.
Types of cloud misconfigurations
The misconfiguration of cloud environments and resources can encompass a wide range of security issues. Two of the most common misconfiguration types are:
- Insufficient access controls on resources
- Permissive network access
Insufficient access controls
Not every cloud resource is locked down the moment it is created. Depending on the provider and the service, a new resource may be reachable by anyone with an account, or by every other resource in the environment, until a developer or system administrator applies access control. Treat setting those controls as part of creating the resource, not as a clean-up step for later.
Another common scenario is a developer who sets everything to open access while configuring an application. That makes the job easier during development, but if nobody goes back to reinstate the access controls before the application ships, the system carries a higher risk of data leakage.
Permissive network access
Just like access controls, when team members set up networks or new servers, they may apply relatively permissive port access and routes while getting applications working. The key is to expose only the ports that are meant to be reachable from outside, and to restrict the source ranges that can reach everything else (a database port should be open to the application subnet, not to 0.0.0.0/0). Limiting the communication paths between resources removes many of the routes an attacker could use to move from one compromised component to the next.
Risks associated with cloud misconfigurations
So now we know what misconfigurations are. Why should we care?
Cloud misconfigurations can pose many risks to your company’s security and your ability to serve your customers. Depending on the type of misconfiguration, these risks can range from performance or reliability issues to significant security risks.
The two most common risks are:
- Sensitive data leaks
- Service disruption
Leaking of sensitive data
Many access control misconfigurations expose sensitive data or leave valuable files at risk of being stolen. Allowing attackers to read data from your databases or retrieve files from cloud storage puts your company at risk of corporate espionage and exposes users' personal information; where the same misconfiguration also grants write access, it lets them alter or delete critical data.
Disruption of services
If attackers gain access to your network or servers, they can potentially disrupt your services. This disruption can include ransomware attacks: attackers can encrypt your files or servers, delete resources, or even use your servers to send spam or mine cryptocurrency at your expense.
Incorrectly configured servers, networks, or containers can also fail to scale correctly under load or hinder recovery after a site disaster. This causes outages for your users and, in the other direction, can leave you paying for oversized environments.
How cloud misconfigurations occur
As IT professionals, we do not intentionally set out to misconfigure resources or set up environments in a way that will cause problems later on. Most misconfigurations happen because of human error combined with factors like overly complex infrastructure or insufficient understanding of security practices.
Overly complex infrastructure
People make mistakes when an environment grows more complex than the one they are used to. Quickly creating resources, adding components or new containers, and changing configuration within a scalable architecture all create opportunities for error.
These actions are needed to grow your business, so it is important to implement a fixed security checklist. Without some form of standardization within your environment, you will struggle to ensure that every component is configured and secured correctly.
Insufficient understanding of security
Many development and DevOps teams do not treat security as a first-order concern when building applications and infrastructure. Their main focus is on getting services to work correctly and deliver functionality to users.
Keep security in mind when hiring your development team. Make sure they understand important concepts like encryption at rest and in transit, the principle of least privilege, and application hardening.
Tips for reducing misconfiguration
Paying closer attention to cloud configuration may seem tedious at first, but it pays off in the long run. There are many tools and processes that mitigate the risk of misconfiguration and significantly reduce how often it occurs; which ones your IT teams deploy depends on the nature of your environments and organization.
Adopt a change management practice
Change management practices, such as a regular change cadence and a change review group, can significantly reduce the chance of misconfiguration. Scheduling, reviewing, and implementing changes in a standardized way lowers the risk without requiring any additional tools.
Simplify your environments
Rather than having custom infrastructure for every component deployed within your environment, standardize a few components and deploy them using templates. Standardization allows team members to spot different component configurations quickly and makes managing the entire environment more straightforward.
Document everything
Make sure your team maintains and backs up environment documentation and configurations like any other critical data set. This practice lets you compare the current environment with the intended environment.
Documenting configurations and environments may seem tedious at first, but the extra work will become beneficial in the long run. These documents will play a key role in helping you and your team track what goes wrong, troubleshoot, and figure out what to do in the future.
Adopt an infrastructure-as-code practice
Building on the idea of a change management practice, we recommend adopting tools and processes to define your infrastructure as code. It is much harder to make configuration mistakes when infrastructure is declared in version-controlled code and reviewed regularly. It is also much easier to detect configuration drift (the live environment no longer matching what the code declares) and to roll back unintended changes if you adopt continuous delivery tools that keep the deployed configuration in step with what is in version control.
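The comparison of the current environment with the intended one that the "Document everything" and infrastructure-as-code sections above both rely on, as an added example (not code from the original post or from any IaC tool it mentions). The declared and observed states are constructed for this example and their shape (resource name mapped to properties) is an assumption, not any provider's real API output; in practice the observed side would come from the provider's describe/list APIs or from your IaC tool's refresh step.

```python
"""Detect configuration drift by diffing the state declared in version control
against a snapshot of what is actually running.

Added example, not code from the original post. Both structures below are
constructed; their shape is an assumption, not a real provider's API output.
"""
import json

ABSENT = "<absent>"

# Declared state: what the infrastructure-as-code repository says should exist.
INTENDED = {
    "AppBucket": {"PublicRead": False, "Tags": {"Owner": "platform"}},
    "DbSecurityGroup": {"Ingress": [{"Port": 5432, "Cidr": "10.0.0.0/16"}]},
}

# Observed state (constructed): a snapshot taken after someone "temporarily"
# opened SSH in the console, made the bucket public, and created a VM by hand.
OBSERVED = {
    "AppBucket": {"PublicRead": True, "Tags": {"Owner": "platform"}},
    "DbSecurityGroup": {
        "Ingress": [
            {"Port": 5432, "Cidr": "10.0.0.0/16"},
            {"Port": 22, "Cidr": "0.0.0.0/0"},
        ]
    },
    "ScratchInstance": {"Type": "vm"},
}


def _canon(value) -> str:
    """Order-independent key for list members, so rule order alone is not drift."""
    return json.dumps(value, sort_keys=True)


def diff_state(intended, observed, path: str = "$") -> list[tuple]:
    """Return (path, intended_value, observed_value) for every point of drift.

    Dicts are compared key by key; lists are compared as unordered sets of
    members (a security group's rules have no meaningful order); anything
    else is compared for equality. ABSENT marks a value present on one side only.
    """
    drifts = []
    if isinstance(intended, dict) and isinstance(observed, dict):
        for key in sorted(set(intended) | set(observed)):
            drifts.extend(diff_state(intended.get(key, ABSENT),
                                     observed.get(key, ABSENT), f"{path}.{key}"))
    elif isinstance(intended, list) and isinstance(observed, list):
        want = {_canon(v) for v in intended}
        have = {_canon(v) for v in observed}
        for extra in sorted(have - want):        # present live, not declared in code
            drifts.append((path, ABSENT, json.loads(extra)))
        for missing in sorted(want - have):      # declared in code, missing live
            drifts.append((path, json.loads(missing), ABSENT))
    elif intended != observed:
        drifts.append((path, intended, observed))
    return drifts


def report(drifts: list[tuple]) -> list[str]:
    """Render drifts one per line; the intended value is the rollback target."""
    return [f"{path}: intended={intended!r} observed={observed!r}"
            for path, intended, observed in drifts]


if __name__ == "__main__":
    for line in report(diff_state(INTENDED, OBSERVED)):
        print(line)
```

Run against the constructed snapshot, this reports the bucket flipped to public, the extra world-open SSH rule, and the hand-made instance that exists in no template. Treating the declared state as the source of truth means the rollback for each finding is simply re-applying the code; a continuous delivery job that runs this comparison on a schedule turns drift from a surprise during an incident into a ticket the same day.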
Scan for vulnerabilities
We also recommend scanning your environment regularly for any vulnerabilities. This scanning should include everything from static and dynamic application security testing to scanning networks and firewalls to ensure that ports and routes remain locked down.
Your team can use configuration code scanners, like Bridgecrew (whose open-source scanner is Checkov) and Snyk, to find and fix common configuration errors in your infrastructure-as-code templates. Run them as a step in your CI pipeline so that a failing scan blocks the merge, rather than only scanning what is already deployed.
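The two misconfiguration types described earlier (a storage resource readable by anyone, and a network rule open to the whole internet on a port that was never meant to be public) beside their corrected forms, with the kind of check a configuration scanner runs over them. This is an added example, not code from the original post and not Bridgecrew's or Snyk's implementation. The template is constructed; its resource type names ("Storage::Bucket", "Network::SecurityGroup") and property keys are assumptions chosen to resemble a CloudFormation-style document, not any real provider schema, and the set of ports allowed to face the internet is an assumption a real team would replace with its own.

```python
"""Minimal infrastructure-as-code check for two common misconfigurations:
a publicly readable bucket and a firewall rule open to the internet on a
non-public port.

Added example, not code from the original post or from any scanner it names.
The template format below is constructed and its schema is an assumption.
"""
import ipaddress

# Assumption: only these ports are meant to be reachable from the internet.
# Any other port open to 0.0.0.0/0 or ::/0 is reported.
PUBLIC_PORTS = {80, 443}

# The weak configuration: the bucket is world-readable and the database
# security group accepts connections from anywhere on 5432 and 22.
WEAK_TEMPLATE = {
    "Resources": {
        "AppBucket": {
            "Type": "Storage::Bucket",
            "Properties": {"PublicRead": True},
        },
        "DbSecurityGroup": {
            "Type": "Network::SecurityGroup",
            "Properties": {
                "Ingress": [
                    {"Port": 5432, "Cidr": "0.0.0.0/0"},  # database open to the world
                    {"Port": 22, "Cidr": "::/0"},         # SSH open to all of IPv6
                ]
            },
        },
    }
}

# The corrected configuration: the bucket is private, only HTTPS faces the
# internet, and the database and SSH ports accept only internal subnets.
FIXED_TEMPLATE = {
    "Resources": {
        "AppBucket": {
            "Type": "Storage::Bucket",
            "Properties": {"PublicRead": False},
        },
        "WebSecurityGroup": {
            "Type": "Network::SecurityGroup",
            "Properties": {"Ingress": [{"Port": 443, "Cidr": "0.0.0.0/0"}]},
        },
        "DbSecurityGroup": {
            "Type": "Network::SecurityGroup",
            "Properties": {
                "Ingress": [
                    {"Port": 5432, "Cidr": "10.0.0.0/16"},  # application subnet only
                    {"Port": 22, "Cidr": "10.0.1.0/24"},    # bastion subnet only
                ]
            },
        },
    }
}


def is_world_open(cidr: str) -> bool:
    """True for a source range covering the entire internet (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def find_issues(template: dict) -> list[str]:
    """Return one human-readable finding per misconfiguration, in template order."""
    issues = []
    for name, resource in template.get("Resources", {}).items():
        rtype = resource.get("Type", "")
        props = resource.get("Properties", {})
        if rtype == "Storage::Bucket" and props.get("PublicRead"):
            issues.append(f"{name}: bucket is publicly readable")
        elif rtype == "Network::SecurityGroup":
            for rule in props.get("Ingress", []):
                port, cidr = rule["Port"], rule["Cidr"]
                if is_world_open(cidr) and port not in PUBLIC_PORTS:
                    issues.append(f"{name}: port {port} open to {cidr}")
    return issues


if __name__ == "__main__":
    for label, template in ("weak", WEAK_TEMPLATE), ("fixed", FIXED_TEMPLATE):
        found = find_issues(template)
        print(f"{label} template: {len(found)} issue(s)")
        for issue in found:
            print("  -", issue)
```

The weak template produces three findings and the fixed one produces none, while the HTTPS rule that is genuinely meant to face the internet passes because 443 is on the allow-list. In a pipeline you would run a check like this against the template in the pull request and exit non-zero on any finding, so the permissive rule never reaches the account in the first place.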
Perform penetration testing
Along with regular vulnerability scanning, running actual penetration tests against your environment and applications can help find and fix potential weak points within your architecture.
Because it is a specialized service, penetration testing can be costly. It is wise to budget for some form of regular penetration testing to ensure that your application is as robust as possible.
Adopt a DevSecOps culture
Security has long been an afterthought in the development and deployment process. Combining awareness and focus on development, security, and operations creates a DevSecOps culture. This culture helps developers integrate security as an essential part of application design and development.
Having knowledgeable security resources on your application design and development teams helps bake security into your application’s foundation. This will save you the headache of fixing problems later, by preventing them in the first place.
Next steps
Even with today's mature cloud platforms, misconfiguration remains common in cloud environments, causing system outages and data breaches at companies of all sizes. You can prevent many misconfigurations with a more defined, standardized approach to security, baked into your development processes and tools. By extending development practices such as code review and automated testing into your infrastructure management, and keeping security in focus, you can drastically reduce both how often misconfigurations occur and how much damage they do.
To explore more about common security issues and how to prevent them, check out CircleCI’s ebook, 6 Paths to Application Security.