Security threats rise for companies using public cloud services
The majority of the UK’s organisations are failing to manage vulnerabilities exposed in the cloud computing services they use, according to a new survey, opening many up to potential data breaches or attacks from hackers.
According to the latest Cloud Security Trends published by online security start-up RedLock, 81 per cent of organisations are not effectively dealing with host vulnerabilities in the cloud.
The firm have tracked data exposures at just over 250 enterprises – of various sizes, from SME to multinational companies - and have found that they are rising because they are failing to stick to established online security best practices.
The report illustrates this with the fact that 53 per cent of organisations using decentralised storage services, such as Amazon’s Simple Storage Service, have accidentally ignored controls to deny public access to files stored there. This is a stark increase from the 40 per cent recorded by RedLock in May.
Amazon Web Services warned users in July to review their cloud storage sharing policies in the wake of several high-profile data leaks for customers of Verizon, Dow Jones, WWE and US voters.
An analysis of customer environments also found that around 38 per cent of companies using cloud services still have user accounts active which may have been compromised, the report also found. These accounts, says RedLock, could be used to “infiltrate the environments” which they access.
A staggering 37 per cent of organisations also maintain databases which permit inbound connections from the internet, widely considered to be a poor security practice to have in place. Of these, the report found, 7 per cent are receiving requests from suspicious IP addresses, which indicates that they may have been compromised.
The enterprises included in RedLock’s research failed 48 per cent of PCI data security checks, considered by many to be the industry standard, with 19 per cent described as “critical”, such as maintaining unencrypted databases.
The report’s authors said: "Host vulnerability data needs to be correlated with host configurations in the cloud that can help identify the business purpose of the host and help prioritise patching.
"For example, is this host a web server or a database server? Is it running in production or staging? In addition, the network traffic should be monitored to identify whether the vulnerabilities are actually exploitable."
