Security News > 2021 > August > The Overlooked Security Risks of The Cloud

Cloud deployments are also a huge source of data leaks, and third-party data providers running in the cloud continue to be a source of data leaks from otherwise secure organizations.

Security is paramount for the companies who build and maintain the major clouds like Azure, AWS, Google Cloud Platform and others - Microsoft for example has an extremely well-developed process to secure its hypervisor layer.

With the rise in hybrid-cloud deployments and point-to-point VPNs connecting cloud environments to a customer's on-premises network, a beachhead on a cloud VM could easily become a pathway to the heart of an organization's network.

While it's true that cloud providers cannot be responsible for all security decisions made by their customers, their approach is primarily focused on selling additional security tooling - and reports of breached VMs discovered by external security researchers are frequently dismissed as unactionable.

All of this isn't to say that cloud networking is inherently insecure, but as the world shifts to a cloud-centric and hybrid cloud environment, particularly for remote workforces, organizations need to recognize that their cloud-security strategy, policies, controls and processes must be as robust as in a classic on-premises environment.

Whether the large delta is a result of vastly different customer sizes or significant differences in the security posture is impossible to determine, but it serves to underline the fact that cloud customers are being compromised in massive numbers, and these infections are going unaddressed.

News URL

https://threatpost.com/security-risks-cloud/168754/