Digitization is allowing companies around the world to continue to expand their horizons to reach the top, showing a new common goal: the clouds. Thanks to cloud infrastructure, many file and application deployment processes have been dramatically accelerated, so that what used to take days or even weeks can now be done in minutes.
On the occasion of World Archives Day, Check Point Software Technologies Ltd. wants to take the opportunity to highlight some of the strengths and weaknesses of the cloud, emphasizing the need to optimize security and promote prevention to address advanced threats facing this environment.
According to the company’s studies, when examining the last two years of the cloud-based network threat landscape, 2022 showed a significant growth of 48% in the number of attacks per company compared to the previous year, with a trend that is still increasing for 2023. This increase comes as a result of companies moving their operations to the cloud, due to the escalation of digital transformation processes and the ever-increasing amount of data being managed.
While security teams continue to strive to keep up with this speed and magnitude, it is not possible to scale resources, especially human resources, to the level that the rapid pace of deployment of these technologies requires. Currently, most cloud-focused security solutions lack the context needed to determine and address real threats, increasing the level of risk to these infrastructures.
For all these reasons, Check Point Software shares the fundamental pillars for any company to achieve robust cloud security:
1. Safety first: it is important to maintain a focus on cybersecurity even before making the leap to the cloud. Building in protection and ensuring compliance early in the software lifecycle, as well as performing ongoing security checks during the deployment process, can help find and fix vulnerabilities early on.
2. Zero Trust security controls: business-critical resources and applications must be deployed in logically isolated sections of the provider’s cloud network, such as Virtual Private Cloud (AWS and Google) or vNET (Azure). To micro-segment workloads from each other, subnets with granular security policies must be used on subnet gateways. In addition, user-defined static routing configurations must be used to customize access to virtual devices, virtual networks and their gateways, and public IP addresses.
3. Vulnerability management: monitoring policies ensure that your deployment complies with corporate code integrity. These measures will alert you to deviations and can block the deployment of unauthorized elements. Remediation processes must be put in place to alert the development team to non-compliant files and apply appropriate corrective actions. In addition, vulnerability scanning tools and the Software Bill of Materials (SBOM) should be incorporated to quickly identify components with critical vulnerabilities.
4. Avoid misconfiguration through continuous analysis: cloud security vendors provide robust security posture management, systematically applying control and compliance standards to virtual servers. This helps ensure that they are configured according to best practices and properly segregated with access control rules.
5. Active and multilayer protection: malicious traffic must be prevented from reaching web application servers. A firewall can be installed that automatically updates its rules in response to changes in traffic behavior. In addition, it is necessary to maintain data protection with encryption at all layers of file shares and communications, as well as continuous management of data storage resources.
6. Real-time threat detection: third-party cloud security providers add context by intelligently cross-referencing log data with internal data, asset and configuration management systems, vulnerability scanners, external data, etc. AI-based anomaly detection algorithms are applied to identify unknown cyberattacks, which are then subjected to analysis to determine their risk profile.
These security solutions must continue to evolve to incorporate the new technologies that the cloud makes possible, while automating them as much as possible to simplify their use and make them as dynamic as the cloud itself. It is essential that companies invest in cybersecurity to help their managers change and adapt their approach to their needs and the evolution of their cloud infrastructures.