Cloud misconfigurations, poor access controls and shared tenancy and supply chain vulnerabilities plague many organizations, and the National Security Agency (NSA) has released guidance to help organizations mitigate these issues.
The NSA offers several tips that organizations can use to address cloud vulnerabilities, such as:
1. Cloud Misconfigurations
- Leverage cloud service policies to prevent users from sharing data publicly.
- Deploy cloud or third-party tools to detect misconfigurations.
- Limit access to cloud resources.
- Audit data access logs.
- Restrict data access.
2. Poor Access Controls
- Use multi-factor authentication.
- Leverage cloud-based access controls.
- Avoid the use of application programming interface (API) keys in software version control systems.
3. Shared Tenancy and Supply Chain Vulnerabilities
- Encrypt data at rest and in transit.
- Use dedicated, whole-unit or bare-metal instances for sensitive workloads.
- Choose cloud offerings that have components evaluated against National Information Assurance Partnership (NIAP) Protection Profiles.
MSSPs and Public Cloud Services Security
MSSPs and MSPs also can leverage various solutions to help organizations limit cloud vulnerabilities.
For example, Sophos last month extended its MSP Connect Flex billing options to Cloud Optix, a solution that automatically discovers and secures customer assets stored in Amazon Web Services (AWS), Microsoft Azure and Google Cloud. MSSPs and MSPs can access Cloud Optix via the Sophos Central platform.
Furthermore, BlackBerry Cylance in October integrated CylancePROTECT and CylanceOPTICS with Chronicle Backstory, a Google Cloud-based security platform. This enables MSSPs and MSPs to leverage BlackBerry Cylance endpoint protection, threat detection, prevention and response capabilities in conjunction with a Google Cloud-based security analytics platform.