Has your attack surface increased as you've moved more workloads to the cloud? While moving to the cloud can be a great idea, it can also be a security headache for IT departments that have not increased their security staff to keep up with the demand. All it takes is one data breach to put your organization at risk and endanger the value that moving to the cloud brings.
What is an attack surface? “We can define attack surface as our exposure, the reachable and exploitable vulnerabilities that we have,” says Stephen Northcutt at sans.edu.
The good news is that by following these tips, you can reduce your cyber-attack surface before it is too late. Here are 6 tips to help you get started:
- Watch your ports: Too often, data breaches occur because development servers are attached to the internet with unintended ports left exposed. When you move your workload to the cloud, make sure you monitor which ports are needed by your workload and that you close the ones that are no longer needed.
- Include security within DevOps: In some cases, security is an afterthought, bolted on after an application is built and not included within the DevOps cycle. As organizations rely more on agile development practices, security needs to be a consideration throughout the process.
- Monitor (and alert!): Having visibility into your secure cloud architecture allows you to monitor for conditions in real time. In the case of a cyber attack, monitoring and alerts can reduce the collateral damage that occurs after a host has problems, and issues can be resolved in minutes rather than days.
- Minimize complexity: Sometimes policies become obsolete but are never cleaned up. A good example is firewall rules that were created a year ago and have since gone out of date but remain in place. By making a point of cleaning up old policies (e.g. firewall rules), you can minimize the complexity within your organization.
- Encrypt your data: With traditional encryption between data centers, it is possible to use an encrypted tunnel between firewalls. With modern multi-tenant cloud environments, this can be a difficult, if not impossible, process to implement.
- Go beyond the edge: Traditional elements of perimeter security have been destroyed by the multi-tenant cloud architectures that exist today. In today's environment you need to focus on more than just the edge of the data center. You need to focus on the larger attack surface which includes the communications between workloads that never traverse a network perimeter. This is an example of where Safe-T Software Defined Perimeter can help by enhancing your cyber threat protection.
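The first and fourth tips (closing ports the workload no longer needs and cleaning up out-of-date firewall rules) can be checked with a short script. The following is an added example, not part of the original article or any vendor tool; the rule fields, the sample rules, and the 90-day staleness threshold are assumptions constructed for illustration.

```python
import ipaddress
from datetime import date

# Constructed sample rules. The field names are assumptions for this example,
# not any cloud provider's or vendor's schema.
RULES = [
    {"id": "web-https", "port": 443, "source": "0.0.0.0/0", "last_hit": date(2024, 5, 30)},
    {"id": "dev-debug", "port": 8080, "source": "0.0.0.0/0", "last_hit": date(2024, 5, 28)},
    {"id": "old-ssh", "port": 22, "source": "0.0.0.0/0", "last_hit": date(2023, 1, 10)},
    {"id": "db-internal", "port": 5432, "source": "10.0.2.0/24", "last_hit": date(2024, 5, 31)},
    {"id": "legacy-ftp", "port": 21, "source": "10.0.9.0/24", "last_hit": None},
]


def is_internet_wide(cidr):
    """True when the source range covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_rules(rules, public_ports, today, stale_days=90):
    """Return {rule_id: [reasons]} for rules that should be reviewed.

    public_ports: ports the workload needs reachable from the internet.
    A rule is flagged when it opens any other port to the whole internet,
    or when it has matched no traffic for more than stale_days (or never).
    """
    findings = {}
    for rule in rules:
        reasons = []
        if is_internet_wide(rule["source"]) and rule["port"] not in public_ports:
            reasons.append("exposed-unneeded-port")
        last_hit = rule["last_hit"]
        if last_hit is None or (today - last_hit).days > stale_days:
            reasons.append("stale")
        if reasons:
            findings[rule["id"]] = reasons
    return findings


if __name__ == "__main__":
    # The workload in this constructed scenario only needs HTTPS from the internet.
    for rule_id, reasons in audit_rules(RULES, {443}, date(2024, 6, 1)).items():
        print(f"{rule_id}: {', '.join(reasons)}")
```

Running a check like this on a schedule and alerting on new findings also covers the monitoring tip.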
If your attack surface has increased...
If your attack surface has increased and you’re not following these steps, it can be a problem when the next attempt occurs. But using these steps, along with the right tools (like the Safe-T Software Defined Perimeter), can make a big difference.