Cloud adoption is a topic on which we have published a number of blogs, and one we have daily conversations about. The benefits of the cloud are well documented, from lower operational costs to better rates of availability.
But we can't help but feel this sometimes comes at the expense of security.
So what can you do, now that your network is in a state of hybridity, to improve the overall security posture of these seemingly intangible, yet sensitive assets?
All is not lost!
We have whittled it down to three must-have solutions which you should have in place, whether it be for AWS, Microsoft Azure, Google Cloud or another provider.
We have said it before and we will say it again: Re-inventing the wheel is a foolhardy approach in an industry where everyone is lacking in time.
There are a number of well-known and respected organisations offering secure configuration standards for everything from operating systems to network devices to virtualisation software. The idea behind all of them is to provide you with a hardened version of your asset, so that any known vulnerabilities from the default configuration are removed, thus reducing your attack surface.
The most popular creator of such standards is the Center for Internet Security (CIS), whose standards are known as the CIS Benchmarks.
Applying these secure configurations to your cloud assets has the same effect as it would on an in-house asset: reducing any inherent vulnerabilities and attack surface.
With cloud assets having more exposure to outside threats, and the vast majority of breaches involving an exploit against a known vulnerability, the use of secure configurations is both common sense and essential.
Take a look at our blog for more information on secure configuration management and system hardening on AWS.
Sometimes overlooked as a nice-to-have, file integrity and change monitoring is, we believe, essential in the cloud.
Consider that any exploit, installation of malicious software or change in configuration will always involve an element of change from a safe state to an unsafe one. With this in mind, change monitoring will always reveal undesirable actions and conditions arising in the cloud.
File integrity and change monitoring works by taking a snapshot of an accepted safe state and then comparing the current state to this until a change is detected, making it the perfect trap.
Would you like to learn more about how file integrity and change monitoring works? Take a look at our blog for more information.
To extend on must-have number 2, there are two types of changes: those which are mandated or expected, and those which are unexpected.
Changes which are mandated or expected are still detected as changes. This is known as change noise, something which traditional file integrity and change monitoring solutions struggle with. More innovative solutions combat this by using closed-loop change management processes.
Pairing a file integrity and change monitoring solution with an ITSM tool, such as ServiceNow, results in a feedback loop whereby only unexpected changes are flagged as problematic, thus reducing the additional noise created by expected changes and focussing your IT on genuine areas of interest.
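The snapshot-and-compare approach and the closed-loop filtering described above can be sketched as follows. This is an added example, not code from NNT Change Tracker or any ITSM product; the change record fields (`id`, `paths`, `start`, `end`), the ticket id and the file names are constructed for illustration.

```python
import hashlib
import tempfile
from datetime import datetime, timezone
from pathlib import Path

def snapshot(root):
    """Baseline: map each file's relative path to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def diff(baseline, current):
    """Return (path, kind) for every added, removed or modified file."""
    changes = []
    for path in sorted(baseline.keys() | current.keys()):
        if path not in baseline:
            changes.append((path, "added"))
        elif path not in current:
            changes.append((path, "removed"))
        elif baseline[path] != current[path]:
            changes.append((path, "modified"))
    return changes

def reconcile(changes, approved, seen_at):
    """Closed loop: a change counts as planned only if an approved record
    names the path and its window contains the detection time."""
    planned, unplanned = [], []
    for path, kind in changes:
        ticket = next((a["id"] for a in approved if path in a["paths"]
                       and a["start"] <= seen_at <= a["end"]), None)
        (planned if ticket else unplanned).append((path, kind, ticket))
    return planned, unplanned

# Constructed change record standing in for an ITSM export (hypothetical fields).
APPROVED = [{"id": "CHG-EXAMPLE-1", "paths": {"app.conf"},
             "start": datetime(2024, 1, 1, tzinfo=timezone.utc),
             "end": datetime(2024, 1, 2, tzinfo=timezone.utc)}]

def demo(seen_at=datetime(2024, 1, 1, 12, tzinfo=timezone.utc)):
    """Constructed scenario: one approved edit plus one unapproved new file."""
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "app.conf").write_text("debug=false\n")
        baseline = snapshot(tmp)
        Path(tmp, "app.conf").write_text("debug=true\n")  # covered by CHG-EXAMPLE-1
        Path(tmp, "cron.sh").write_text("#!/bin/sh\n")    # no change record exists
        return reconcile(diff(baseline, snapshot(tmp)), APPROVED, seen_at)

if __name__ == "__main__":
    print(demo())
```

The sketch hashes file contents only; permissions, ownership and other attributes would need to be added to the snapshot to catch changes that leave the bytes untouched. A change to an approved path detected outside its window is reported as unplanned.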
In addition, there are a number of major benefits to implementing a closed-loop change management process.
Are you interested in implementing a closed-loop change management process? Check out our blog on this topic for more information.
NNT's Change Tracker solution offers all of the above features and more. By installing a small agent onto an end-point, or using a proxying service where this is not possible, those devices can be monitored for secure configuration adherence and any unauthorised changes.
To complement cloud deployments, Change Tracker packs a number of features and options for this type of environment, including:
If you would like to speak to one of our consultants about NNT Change Tracker and how it might be able to help your organisation improve its security posture, you can book an online meeting with us today.