
Pitfalls to avoid when configuring cloud firewalls

10 Dec 2018

Article by FireMon technology alliances VP Tim Woods

Data breaches are giving cloud a bad reputation.

Simple configuration errors in cloud-based application deployments are still making a splash in the media – and they’re not going away.

From the Target hack in 2013 to the World Wrestling Entertainment (WWE) and Verizon leaks in 2018, they are all based on misconfigurations.

These days, cybercriminals don’t even bother with sophisticated hacks; instead, they simply look for those simple errors to fulfil their goals.

If the industry does not get ahead of it, 2019 will be just as colourful.

Gartner predicts 95% of cloud security incidents will be the customer’s fault by 2020.

The State of the Firewall Report 2018 uncovered the scale of the problem.

When it comes to managing firewalls in the cloud, security professionals are less likely to know who is responsible for cloud operations, with 33% of respondents saying they weren’t sure who was responsible at all.

This is how things spiral – if an on-premise environment isn’t mirrored in the cloud, with the right controls, businesses could be subject to a world of pain.

Preparing for the year ahead

It is time companies consider their new year’s cyber resolutions for 2019.

To do that, CIOs and CISOs need to be able to prioritise organisational and governance processes, without having to firefight all the time or getting distracted by cloud vendor challenges.

Knowledge is power when it comes to the cloud. 

A deeper understanding of what the cloud provider affords the builder is essential if mistakes are to be avoided. 

It’s encouraging to see a provider like Amazon Web Services committing to adding security functionality and more prescriptive “best practice” blueprints for the less experienced cloud architects. 

Flexibility and granularity of security controls are good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.  

Working with vendors is a collaboration, and both partners need to pull the necessary weight to make it work.

A cloud vendor isn’t responsible for a business’ security strategy.

This means a company’s network operations team needs to know all about the different offerings from cloud vendors and, when picking a cloud provider, advise the business on the implications of certain choices.

Prevention is about people and policy

When it comes to cloud security, consistency is key – cloud controls should mimic an on-premise security policy.

That way, security teams remain consistent and can easily enforce security policy in the cloud as well.

With a firewall, the controls in the cloud should mirror on-site firewall rules. 

There are times when the person taking responsibility is someone who is familiar with a specific project, but not the business-wide security policy. 

This can lead to unintentional configuration errors that allow inappropriate access through the firewall.
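The drift described above can be checked mechanically. The following is an added example, not part of the original article: it flags cloud firewall rules that allow more than any single on-premise rule does. The `Rule` format, function names and sample rules are assumptions constructed for illustration.

```python
import ipaddress
from typing import List, NamedTuple


class Rule(NamedTuple):
    """One inbound allow rule (hypothetical, vendor-neutral format)."""
    source: str      # CIDR block allowed to connect
    protocol: str    # "tcp" or "udp"
    port_from: int
    port_to: int


def covers(baseline: Rule, candidate: Rule) -> bool:
    """True if everything `candidate` allows is also allowed by `baseline`."""
    b_net = ipaddress.ip_network(baseline.source)
    c_net = ipaddress.ip_network(candidate.source)
    return (
        baseline.protocol == candidate.protocol
        and b_net.version == c_net.version      # checked first: subnet_of needs same IP version
        and c_net.subnet_of(b_net)              # cloud source no wider than on-premise source
        and baseline.port_from <= candidate.port_from
        and candidate.port_to <= baseline.port_to
    )


def find_drift(on_prem: List[Rule], cloud: List[Rule]) -> List[Rule]:
    """Cloud rules that no single on-premise rule covers (conservative check)."""
    return [c for c in cloud if not any(covers(b, c) for b in on_prem)]


# Constructed sample policy: the on-premise baseline and its cloud copy.
ON_PREM = [
    Rule("0.0.0.0/0", "tcp", 443, 443),        # public HTTPS
    Rule("10.20.0.0/16", "tcp", 22, 22),       # SSH from the corporate range only
    Rule("10.20.30.0/24", "tcp", 5432, 5432),  # database from the app subnet only
]
CLOUD = [
    Rule("0.0.0.0/0", "tcp", 443, 443),        # mirrors the baseline
    Rule("10.20.5.0/24", "tcp", 22, 22),       # narrower than the baseline: fine
    Rule("0.0.0.0/0", "tcp", 22, 22),          # SSH opened to the internet: drift
    Rule("10.20.30.0/24", "tcp", 5000, 6000),  # port range wider than baseline: drift
]

if __name__ == "__main__":
    for rule in find_drift(ON_PREM, CLOUD):
        print("not covered by on-premise policy:", rule)
```

A cloud rule that is only covered by the union of several on-premise rules is still reported, so each finding is a prompt for review by whoever owns the policy.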

When hybrid and public clouds are introduced into a network, the principles of managing a firewall actually don’t change; it’s just in another place.

There are nuances that an organisation needs to think about though: whether the intention is to move an existing on-premise system into the cloud or create a whole new cloud deployment that doesn’t have a home on-premise.

If the intention is to move an existing on-premise system, and the security controls in the new cloud implementation do not mimic those of the on-premise implementation, security teams are asking for trouble.

Thankfully, it can be solved easily, as it is often an operational issue.

As long as someone who knows the pre-existing security controls takes control of the cloud migration, and can mirror those same controls in the cloud, teams should be in the clear.

That’s why sorting out ownership of cloud among the IT team is important.

This ownership is also key when creating new cloud deployments (those for which there is not a pre-existing on-premise system).

Developing the right security controls in this situation needs to involve all stakeholders across an organisation, simply to ensure a company strikes the right balance between business, operations and security.
