The Complexity of Cloud Computing Increases Security Risks
Cloud security is complex and distributed. In organizations with on-premise environments, the controls sit with the network security team and in firewalls. In the cloud, controls sit with multiple DevOps teams, Kubernetes, 3rd parties, inside AWS, etc. Cloud security controls may not be implemented by security teams but by numerous application developers. The impact is an exponential growth in misconfigurations that are leaving resources with unintended or accidental exposure to the Internet.
Security challenges in the cloud have become so prevalent that Gartner has defined Cloud Security Posture Management (CSPM) as a new category of security products designed to identify misconfiguration issues and risks in the cloud. CSPM solutions are typically used by security organizations that want the equivalent visibility and security that they’ve had with on-premise environments.
Furthermore, today’s cloud-native applications are built on services that are based on containers orchestrated with Kubernetes. For example, Amazon’s managed service for running Kubernetes is Elastic Kubernetes Service (EKS), but users can create security controls to protect their EKS clusters.
RedSeal Stratus can help security teams better manage this increased risk with:
- Complete and up-to-date visualization of their cloud infrastructure
- Detailed knowledge of Kubernetes accounts and policies
- Specific identification of resources exposed to the Internet
According to Gartner, through 2030, at least 99% of cloud security failures will be the customer’s fault.