Smart Teaching to Avoid Data Breaching

Steven Puddephatt
image 4 Min read
Cloud Workload Protection

It can’t have escaped everyone’s attention, since the move to the cloud the number of data breaches has gone through the roof. In this article, I’m going to run through why this is happening, why workplace policy won’t fix it, and what your organization can do to reduce the risk of being next.

Why so many data breaches in the cloud?

The simple answer here is autonomy. In the days before cloud computing all servers and infrastructure were set up and configured by an operations team.

The process was ultimately cumbersome, slow, and overall frustrating to most businesses. Cloud computing allowed developers and other teams within businesses to set up their own infrastructure without too much knowledge of networking, firewall rules and other security practices.

This means that projects get off the ground much quicker and businesses are more agile. It also means that the operations team, who used to act as the police department of IT, have also lost visibility of what is going on. Or, more likely, there’s so much going on they can’t possibly keep track of what’s been built and where misconfigurations and security risks are.

Why don’t security policies work?

A classic mistake made by many organizations is to make something publicly accessible and with open access. This could be a database, storage bucket, or any other easily accessible data store. This really is the easiest thing to remedy, you simply have a policy that says ‘do not open up data storage to the general public’. Problem fixed.

The issue with this is, as all parents of young children know, you can say something until you’re blue in the face but someone, somewhere, will still misconfigure data storage so it’s accessible publicly. There are just simply too many possibilities for misconfiguration, too many users in an organization with the power to spin up infrastructure and too few IT administrators to keep track. You need an automated system to keep you in line and alert you.

How can I protect my cloud against misconfiguration?

It has taken a little while for software companies to catch up and until recently you have needed an army of scripts and custom alerts to keep your infrastructure in check. The good news is that cloud workload protection tools are becoming more mature. The latest iterations of cloud tools are exactly what industries have been crying out for.

If you have been doing this in-house until now it’s time to reconsider the benefits of an off-the-shelf solution, they will undoubtedly offer greater coverage than you are able to muster on your own.

What are the features of cloud protection tools?

Let’s look at 4 of the main features

1. Excessive permissions

It’s only too common for users to be given too much privilege and/or for services to be granted roles that they do not need. Software now analyses user’s permissions, highlights where users or services have been over-provisioned and makes recommendations to resolve it.


2. Exposed assets

As mentioned earlier one of the most common faults is to leave assets exposed to the public, these can now be automatically screened and captured:


3. Attack summaries

By plugging into flow logs and cloud trial systems the latest protection software can provide you with a step-by-step analysis of what unusual activities have been happening in your account. Below we see an example of a compromised user account being used to setup a crypto mining server and communicate to an external IP:


4. Compliance reports

If anyone has ever had to prove to an auditor that they have met this or that ISO standard, then they’ll know what a pain it is to track this and to prove this. With cloud protection software you get out of the box ISO standards reports and CIS compliance reports.

This means with virtually no effort you can track and trace things like the use of a root user, if MFA tokens are being used and if certain ports are open (to name a few):


What’s the main advantage of these tools?

It has taken a while for security firms to learn what a good cloud platform looks like. Now that these companies have an understanding of what cloud platforms should look and behave like, it has become much easier to spot misconfigurations in yours. We also have machine learning and AI to more easily spot anomalies in your platform.

The end result is very smart insights into your security posture with almost no administrative overhead on your behalf. These tools only need to plug into your audit trail and within a day they provide rich insight into what’s really happening in your estate. No more “we should be OK” … followed by a nasty surprise!

Sounds interesting, how do I find out more?

Luckily, as of the time of writing this, vendors are offering free POC’s to prove the value. No commitment to buy and very easy to setup. 

If you have any questions, contact us today to help you out with your performance and security needs.



There’s more to see

slider item
Cloud Workload Protection

GlobalDots Partners with CWP Innovator Lacework

Li-Or Amir 23.11.21

In its constant endeavor to enrich its cloud security offering with the latest innovation, GlobalDots has recently introduced security unicorn Lacework to its vendor portfolio. Founded in 2015, Lacework offers a cloud security monitoring platform which brings together some of today’s top needs: Workload protection, container & K8s security, compliance monitoring. Last weekend (Nov. 18th, […]

Read more
slider item
Cloud Workload Protection

Demo: Inside Radware’s Cloud Native Protector

Steven Puddephatt 11.10.21

How many of your users’ cloud permissions are actually necessary? How do you prevent excessive permissions from enabling workload breaches? Can there be one source of truth for vulnerabilities in multi-cloud environments? And how hard is auto-hardening? This demo is all about answering these questions. Watch GlobalDots solutions engineer Steven Puddephatt break down the basics […]

Read more
slider item
Cloud Workload Protection

Solution Brief: Agentless Cloud Workload Protection

Admin Globaldots 13.04.21

Explore the main features, capabilities, and benefits of the latest cloud workload protectors. This category of products is meant to safeguard the organizational public cloud environment by: Removing excessive permissions Creating attack stories out of anomalies across different apps and workloads Auto-hardening upon suspicious incidents Fill out the form to get your copy of the […]

Read more

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Contact us
figure figure figure figure figure