Both the amount of data stored within cloud footprints and their volume are expanding rapidly.
And the public cloud, or a hybrid or multi cloud model that incorporates it, is the option of choice due to its low cost, simplicity, reliability, and flexibility, among other things.
However, there are drawbacks to everything; Particularly, according to experts, increased work processes in the public cloud may result in security flaws.
Dan Benjamin, Dig Security’s CEO and cofounder, stated, “Organizations are experiencing an explosion of data on their public cloud environments.” “an extended data attack surface that can lead to a breach or compliance failure” is the outcome of this.
The provider owns and manages all servers, storage, hardware, software, and other supporting infrastructure in the public cloud model. Additionally, those are shared with other businesses, or “tenants.”
More than 60% of all corporate data will be stored in the cloud by 2022. In 2015, this percentage reached 30%, and it has continued to rise as businesses strive to increase their adaptability and dependability.
The public cloud market is expected to generate $525.6 billion in revenue this year, representing a CAGR of nearly 14%. There is no doubt that the market will only continue to expand—and at a much faster rate—to the tune of $881 billion by 2027.
In addition, according to Gartner, public cloud spending will account for more than 45% of all enterprise IT expenditures by 2026, up from less than 17% in 2021.
But Benjamin said that high-profile security breaches like those at Uber and LastPass have shown how vulnerable cloud data stores are, even for businesses that know about cybersecurity and spend money protecting their data.
Benjamin stated, “Data is dynamic and complicated.” It is constantly changing across the public cloud because it exists in a variety of forms and is continuously collected.
He explained that cloud environments are frequently a component of intricate ecosystems that include on-premises infrastructure and multiple public cloud providers. In addition, a lot of businesses run multiple cloud instances, virtual machines (VMs), software-as-a-service (SaaS) applications, and containers simultaneously.
He stated that mapping data flows and discovering data as it moves between these assets is difficult and easy to lose control of.
According to Shira Shamban, CEO and cofounder of cloud security company Solvo, organizations give a lot of power to areas other than IT or DevSecOps as they move quickly and deliver faster to production.
Additionally, she mentioned that “they create, unintentionally of course, shadow data that does not follow security best practices.”
Shadow data is data that IT teams do not actively manage or regulate. Benjamin explained that it can include copies, backups, and snapshots of data used for development and testing. Spreadsheets, local copies of databases, emails, presentations, and personal devices are the primary places where it can be found.
This data is frequently not subject to security controls and policies, making it more challenging to track, manage, and monitor. Benjamin stated that it also makes it open to exfiltration and unauthorized access.
He stated that this poses a significant risk from both a compliance and security standpoint. A breach of data security exposes organizations on multiple levels, while a compliance lapse could result in fines and damage to reputation. Customers’ trust can be eroded, resulting in reputational damage, fines, legal fees, and IP theft.
According to Benjamin, the public cloud’s characteristics, in particular, “make it easy to spin up a new data store, but difficult for security teams to monitor the contents of that data store.” As a result, organizations must alter their perspective on data security.
Regardless of whether cloud data is stored in a private, public, hybrid, or multi-cloud environment, experts agree that it must be protected.
Shamban added that the most common attacks on-premises and in the cloud are identical. Usually, this is theft of credentials; Misconfiguration of cloud technology is the root cause of the unique attack vectors found in the cloud.
Benjamin concurred that there are numerous approaches to gaining access to the cloud environment; Software flaws, compromised credentials, and misconfigured access are all common methods used by attackers. However, he stated that the goal is always data theft or sabotage for financial or other gain, regardless of the method of infiltration.
Benjamin stated, “This is what makes focusing on protecting data so important and effective.”
Organizations use a variety of tools to safeguard themselves; Cloud security posture management (CSPM) is one common one. Through visibility automation, continuous monitoring, threat detection, and remediation workflows, this identifies and addresses risk. It looks for misconfigurations in SaaS, infrastructure-as-a-service (IaaS), and platform-as-a-service (PaaS) cloud environments and infrastructure.
Data security posture management (DSPM), on the other hand, was recently introduced by Gartner.
Gartner VP analyst Patrick Hevesi says that this has several parts:
As Benjamin explained, this strategy can be used in conjunction with the similarly innovative idea of data detection and response (DDR), which, as its name suggests, provides real-time monitoring, detection, and response. DevSecOps integration Policy enforcement Threat protection
He stated, “There is a movement toward better governance and monitoring over data assets and a heightened awareness of the risks.” DDR, cloud data loss prevention (DLP), and DSPM capabilities can assist businesses in confronting these obstacles head-on.
Shamban stated that, in the end, businesses must instruct their devops and R&D teams to have security “ingrained in their mindset.” They must also have the right tools to help them automate some of their day-to-day decision-making and remediation tasks, which will free up their time for more difficult projects.
She stated, “We can’t stop using the cloud, so we should learn how to use it more efficiently and securely.”
Benjamin concurred, recognizing that businesses will not abandon the public cloud because of its numerous benefits: “Cloud computing enables unparalleled flexibility, performance, and velocity.”
Benjamin concluded that, in the end, “the risks should not discourage organizations from using public clouds.”