Missed our recent webinar? It was a good one for those worried about WFH and enterprise cloud security. In this post, we break down the key takeaways from our webinar.
On April 23, we hosted a webinar with Dan Woods, Principal Analyst at Early Adopter Research and Eric Kedrosky, Director of Cloud Security Research and CISO of Sonrai Security, which featured some practical ways WFH requirements and cloud will permanently change the way we look at enterprise cloud security.
Our webinar covers how companies who manage their public cloud will have WFH built-in to their processes, the impact remote working has on current enterprise security practices, and how remote working can broaden implementations of identity and data access. Below we cover some of these and other highlights from our Why WFH and Cloud Will Permanently Change Security webinar.
We presented four key principles to consider when addressing public cloud data and identity access:
1. Get to and maintain least privilege. Eliminate all identity risks in your cloud.
3. Shift left by integrating your security, cloud, audit, IAM, and DevOps teams.
As enterprise organizations shift rapidly to meet new demands, each of these cloud security principles become more important to govern data and identity access in the public cloud.
For many companies, the shift from working in an office or co-working space to WFH has been relatively easy as public cloud is already being used to support the organization. The cloud is a powerful tool that allows employees to work from anywhere and access the applications and data needed to be productive. Platforms like AWS, Azure, and Google Cloud (GCP) were built for speed and agility making a quick transition to WFH possible.
Some examples can be found in the AWS Marketplace, offering solutions for companies to quickly deploy what’s needed to get a team up and running remotely in a matter of hours. If you need to spin up a new VPN, it can be done in a matter of hours as opposed to weeks. Or Microsoft O365 and GSuite offering email and productivity tools from anywhere (no more infrastructure, no more software, no more licenses).
Although the cloud is powerful, in the WFH era, enterprise cloud security practices have changed for most companies. Remote employees were often only a small group or working remotely for specific purposes. Now everyone is “outside of the fence,” so to speak. Many organizations have their security configured where the network is the boundary and this is no longer the case. In the cloud, identities are the new perimeter. As such, getting to and maintaining least privilege is critical, thus changing the organization’s security model.
The model has changed pretty much overnight because of a surge of urgency and the immediate need for remote access. This will ultimately lead to risks and mistakes.
Mistakes are made even in the most settled times; it is just part of managing a technology environment. These mistakes are often detected and managed quickly within a clear process. However, during a significant shift such as this WFH mandate, IT and Cloud teams are probably very overworked as a result and they may miss mistakes or not even know that they exist. If they find a mistake, they may not be able to assess the mistake; let alone have the time to fix them.
“Some teams may not know mistakes are made given the new work environment with everyone outside that boundary and the speed in which implementations needed to happen” says Kedrosky.
How do these mistakes add new risk to your business? The answers could be quite shocking. For example, you are used to having your support teams being remote and using a VPN for access. That VPN was only meant for the operations team who managed the backend servers. Now, to meet the needs and urgency of this WFH mandate, you’ve added your finance team to the VPN without a different configuration. This VPN may now give the finance team access to data that could cause issues and vice versa. The support team now has access to sensitive systems and sensitive data. This scenario also leads to the risk of data access.
Identity is now the new perimeter has created new risks and has changed the security model. Things have changed quickly which can be stressful and complicated creating complexities. Your IT cloud and governance teams need to assess if you're meeting this new demand and preventing risk.
This webinar covers these five areas to help with your cloud data and identity governance strategy during the work from home era:
For a more comprehensive look at the four areas covered in this presentation, check out the hour-long webinar.
Sonrai Security cloud security platform, products and services are covered by U.S. Patent No. 10,728,307, together with other domestic and international patents pending. All rights are reserved.