Misconfiguration of cloud solutions is often overlooked when companies plan cybersecurity strategies. Cloud apps are typically quick and easy to sign up for and the users assume that they do not need to worry about security because it is handled by the provider. This is an incorrect assumption because cloud security is a shared model. The provider of the solution handles securing their backend infrastructure and the user is responsible for configuring security settings in their actual account. The problem with misconfiguration is huge and is the number one cause of cloud data breaches.

Misconfiguration can take many forms:

giving all users admin access.
failing to turn on one or more security features.
not removing access for old employees.
not configuring MFA.
sharing usernames and passwords between employees.

Misconfiguration covers a wide range of negligent behaviour and has to do with cloud security settings and best practices. A finding in The State of Cloud Security 2021 report shed light on how common this issue is with 45% of organizations experiencing between 1 and 50 cloud misconfigurations per day.

Some of the main causes of misconfiguration are:

Lack of understanding of what is required with the service.
No adequate oversight and controls
A team lacking security awareness and / or expertise
No adequate cloud environment monitoring
Negligent insider behaviour

Below are some tips to help reduce your risk of a cloud data breach and improve your cloud security.

Enable Visibility into Your Cloud Infrastructure

You are not alone if you don’t know all the different cloud apps employees are using at your business? It is estimated that shadow IT (usage without authorisation) is approximately 10x the size of known cloud usage.

How can you protect something you don’t know about? Your first step should be to perform an audit to see what is in use and then you can start putting processes and plans in place to protect those accounts.

Restrict Admin Accounts

The more administrator level accounts you have, the higher the risk of a misconfiguration and / or security breech. There should be very few users that can change security configurations as you do not want someone that does not know any better to accidentally open a vulnerability. Audit privileged accounts in all cloud tools and then reduce the number of administrative accounts to those that need that high level of access.

Use a Cloud Security Audit Tool

Do you know how secure your cloud environment is and how many misconfigurations there might be right now? It’s important to know this information so you can correct issues to reduce your risk. M365 has a great tool called Microsoft Secure Score. Contacts your online account vendors to see if they have or recommend a certain tool to help with this.

Set Up Alerts For When Settings Change

Once you get your cloud security settings right, they may not necessarily stay that same way. Several things can cause changes in security settings including:

Software updates.
A hacker that has compromised a privileged user credential.
An employee with admin permissions accidentally changing them.
A change caused by an integrated 3rd party plug-in.

Be proactive by setting up alerts when settings change. You should have an alert for any significant change in your cloud environment so that you can take immediate steps to fix the issue.

Have a Cloud Specialist Check Your Online Accounts

Most business owners and office managers know little about cybersecurity. So it pays to turn to an external expert like DP Computing to check your settings. They can then ensure that they are set up to keep your data protected without restricting your team.