Find, Classify, Secure: Data Recon in AWS and Azure

3 mins to read

It’s Time To Do Your Data Recon

In 2020, over 155.8 million individuals were affected by data exposures that revealed sensitive information because of less-than-adequate information security. For those who missed our recent webinar, we’ve created a recap. This session is part of a series, Securing Data in the Public Cloud.

Why Does Data Security Matter

So, why is data security such a hot topic? Look at recent headlines that have emerged over the past couple of years. Billions of records have been leaked — and that’s just the beginning. Data has been moving to the cloud at an exponential rate, leaving a lot of sensitive data vulnerable in enterprise environments.

Organizations are losing track of where their data is, and there appears to be a gap in terms of what needs to be done. Even after some of the most shocking cases of data exposure, data security issues continue at an alarming rate.

A prominent example was the CVS Health database. Not to pick on one organization or provider, as this has been a ubiquitous challenge, but this case shows how important it is to know where your data is. So many security teams think they know because they have a map or plan of where their data is supposed to be — but then situations like this arise. The CVS Health database was leaked by a vendor that was working for them, leaving one billion records exposed online. This shows that many organizations have a poor indication of where their data is in their own cloud, and they are also unaware of when that information leaves their clouds — and then what happens to that data in other clouds.

This is a data security challenge that all organizations face. Just because you have a large company with a significant budget, that doesn’t mean you’re immune to this issue. It affects businesses of all sizes. The scale of the cloud is complex, and it is creating challenges that many people don’t even realize.

Data security challenges for enterprises of all sizes include:

  • Limited visibility, which leads to limited governance and management.
  • Identities and excessive access.
  • Monitoring and drift are not continuous.
  • Lack of maintenance.
  • Complexity across clouds.

The Importance of Cloud Data Discovery and Data Classification

This brings us to our next question, where do we start? The answer lies in cloud data discovery. The greatest priority here is your data, bringing us back to that fundamental question, “Where is my data?”

This is where things get tricky because your data could be in a bunch of different places. From storage accounts to S3 buckets, databases to data stores, keeping tabs on your data is a continuous task, and the complexity escalates quickly making it nearly impossible.

This leads to cloud data classification. This focuses on what your data is so that you can pinpoint your most sensitive data.

The challenges here are:

  • Labeling data that is discovered.
  • Maintaining data classification in the cloud.
  • Associating policies with classification and controlling data access and use.

So, when setting your security programs, workloads, projects, etc., you need to:

  • Check that your sensitive data is secure.
  • Check who has access to that data.
  • Focus on where you invest your time and resources to protect that data — it’s your greatest asset.

At the end of the day, you can’t categorize or classify anything you don’t know exists. This is a critical step.

Cloud Data Storage and Protection Controls

This is a vast topic — but to grow as a company and remain as secure as possible, you need to learn about all the storage types. Whether you start in Blob or EBS, you will eventually need to have some level of knowledge about most, if not all of, the storage types. That is the natural way the cloud progresses. Even if you think your data is in one place, your data often takes a journey based on cloud architecture. Whether your data is only temporarily stored somewhere, proper configuration is vital.

Data protection controls need to be in line with classification and stay that way! Of course, this is an enormous challenge, but it’s also a core reason why we see data breaches. Many configuration options exist, some of the most common being encryption, logging, and network access controls.

How Can Sonrai Security Help?

Sonrai Security enables enterprise companies to enforce intelligent CSPM, achieve and maintain least privilege, enforce separation of duties, and lockdown-critical data in your AWS, Azure, and Google Cloud deployments.

To learn more about data security and doing your data recon, watch our webinar. You can also request a demo to get started today!