
Pitfalls to avoid when configuring cloud firewalls

10 Dec 2018

Article by FireMon technology alliances VP Tim Woods

Data breaches are giving cloud a bad reputation.

Simple configuration errors in cloud-based application deployments are still making a splash in the media – and they’re not going away.

From the Target hack in 2013 to the World Wrestling Entertainment (WWE) and Verizon leaks in 2018, they are all based on misconfigurations.

These days, cybercriminals don’t even bother with sophisticated hacks; instead, they simply look for those simple errors to fulfil their goals.

If the industry does not get ahead of it, 2019 will be just as colourful.

Gartner predicts 95% of cloud security incidents will be the customer’s fault by 2020.

The State of the Firewall Report 2018 uncovered the scale of the problem.

When it comes to managing firewalls in the cloud, security professionals are less likely to know who is responsible for cloud operations, with 33% of respondents saying they weren’t sure who was responsible at all.

This is how things spiral – if an on-premise environment isn’t mirrored in the cloud, with the right controls, businesses could be subject to a world of pain.

Preparing for the year ahead

It is time companies consider their new year’s cyber resolutions for 2019.

To do that, CIOs and CISOs need to be able to prioritise organisational and governance processes, without having to firefight all the time or getting distracted by cloud vendor challenges.

Knowledge is power when it comes to the cloud. 

A deeper understanding of what the cloud provider affords the builder is essential if mistakes are to be avoided. 

It’s encouraging to see a provider like Amazon Web Services committing to adding security functionality and more prescriptive “best practice” blueprints for the less experienced cloud architects. 

Flexibility and granularity of security controls are good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.  

Working with vendors is a collaboration, and both partners need to pull the necessary weight to make it work.

A cloud vendor isn’t responsible for a business’ security strategy.

This means a company’s network operations team need to know all about the different offerings from cloud vendors - and when picking a cloud provider, advise the business on the implications of certain choices.

Prevention is about people and policy

When it comes to cloud security, consistency is key – cloud controls should mimic an on-premise security policy.

That way, security teams remain consistent and can easily enforce security policy in the cloud as well.

With a firewall, the controls in the cloud should mirror on-site firewall rules. 

There are times when the person taking responsibility is someone who is familiar with a specific project, but not the business-wide security policy. 

This can lead to unintentional configuration errors that allow inappropriate access through the firewall.

When hybrid and public clouds are introduced into a network, the principles of managing a firewall don’t actually change; the firewall is just in another place.

There are nuances that an organisation needs to think about though: whether the intention is to move an existing on-premise system into the cloud or create a whole new cloud deployment that doesn’t have a home on-premise.

If the intention is to move an existing on-premise system, and the security controls in the new cloud implementation do not mimic those of the on-premise implementation, security teams are asking for trouble.

Thankfully, it can be solved easily, as it is often an operational issue.

As long as the person who takes control of the cloud migration knows the pre-existing security controls and can mirror those same controls in the cloud, teams should be in the clear.

That’s why sorting out ownership of cloud among the IT team is important.

This ownership is also key when creating new cloud deployments (those for which there is not a pre-existing on-premise system).

Developing the right security controls in this situation needs to involve all stakeholders across an organisation, simply to ensure a company strikes the right balance between business, operations and security.
