Saturday, February 11, 2023

6 Cloud Migration Issues You Need To Be Aware Of

 


As we are now in the thick of Q1 of this year, many businesses are now realizing that having an On Prem infrastructure can be a very costly affair.  For example, not only do you have hardware replacement costs, but you also have software licensing issues, creating backups, hiring the staff to maintain all of the critical equipment, etc.  As a result, they are now starting to see the benefits of what the Cloud can bring.

But keep in mind that a 100% migration to the Cloud is not an easy task, given the size of your business. It takes careful planning, and very often, you will probably need the help of a Cloud Services Provider (CSP) to make sure that everything goes smoothly.

Although moving to the Cloud (like AWS or Azure) can be a great thing, there are also a number of pitfalls that you need to be aware of. These all come from the standpoint of Cybersecurity.

Here are some of the key issues that you need to keep in mind:

1)     The Supply Chain:

I don’t mean anything like UPS or FedEx, but if there are any gaps in your Cloud deployments, the Cyberattacker can easily discover these, and from there drop in a malicious payload. But this is not going to affect just your systems. If you have a remote service installed here and you have other clients that are dependent upon using it to get to your services, there is a very high chance that they will be infected as well. In fact, this is how the SolarWinds hack happened. The Cyberattackers were able to find just one weak spot, deploy the malicious package into that, and from there, thousands of organizations were impacted by it. Therefore, you will always need to keep an eye on gaps which open up, and remediate them quickly.

2)     Ransomware:

Yes, this particular threat variant can strike fear in anybody. Although it has slowed down from its peak in 2021, this attack vector has become even nastier than it has ever been before. For example, there are now instances of extortion attacks, and even the fear of having PII datasets being exfiltrated to the public at large. Ransomware is something that is not going away anytime soon, and it's going to be here for a long time to come. Even when you are in the Cloud, you are not totally immune to a Ransomware attack. There are various ways in which you can get penetrated: by using file sharing services that synchronize with your Cloud account, and even hijacking your Cloud email platform in order to launch Phishing attacks. Your best way to counter a Ransomware attack? Always back up your mission critical datasets, and store your Cloud deployments in different data centers.

3)     Lateral Movements:

Once a Cyberattacker has found a hole in your system, they will try to stay in as long as they can, of course, going unnoticed. From here, they will then assess the state of your total Cloud infrastructure, and see where they can move to next. This is what is called “Lateral Movements”. In other words, the Cyberattacker will move sideways either to the left or to the right in order to avoid detection. Once they know what they want to take out, they will do that in a very covert fashion. What is the best way to defend against this? Always keep an eye out for any abnormal behavior that strays from your baseline profiles. Of course this can be a very time consuming task for any human being, but it can be totally automated by using AI or ML tools.

4)     Cloud Sprawl:

With the advancements in the Cloud, you have many more options today than you would with an On Prem solution. For example, you can now have an IaaS, a PaaS, a SaaS, a Private Cloud, a Hybrid Cloud, a Public Cloud, etc. With all of this, and the affordable price it has, the temptation now remains strong to use everything. If you try this approach, you are now entering the land of what is known as “Cloud Sprawl”. The main downside of this is that you are simply expanding the attack surface for the hacker to penetrate into. In fact, it is now claimed that 64% of organizations are now becoming a victim of this. (SOURCE: https://www.sdxcentral.com/articles/news/nutanix-report-64-of-orgs-will-adopt-multi-cloud-within-3-years/2022/01/). What is the best way to avoid this? Consult with your CSP. See what you absolutely need first, and just stick with that. If you feel the need to expand into other various Cloud based formats as just described, make sure you absolutely need those extra services first.

5)     The effects of Shadow Data:

One of the biggest challenges for any IT Security team is to make sure that when a migration happens, everything goes through. Meaning, there is not one piece of data which is still lying around somewhere. But this is all in theory. In the real world, this never happens. There is always something which is still lying around. Any residual pieces of data like this are technically known as “Shadow Data”. How do you ensure that when you do a migration, everything as much as possible does go through? Always do your Cloud transformation in steps. Make sure that you do this in phases, so that you can double check if anything is missing. If you try to do everything at once, there is a far greater probability that you will have more missing datasets on your hands, which can also be prey for the Cyberattacker.
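
To make the per-phase double check concrete, here is an added example (not part of the original post) that reconciles one migration phase against hashed inventories. The function names, paths and inventories are hypothetical and the sample data is constructed.

```python
import hashlib
from dataclasses import dataclass, field


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class PhaseReport:
    missing_in_cloud: list = field(default_factory=list)  # planned, never arrived
    corrupted: list = field(default_factory=list)         # arrived, hash differs
    shadow_data: list = field(default_factory=list)       # (path, reason) left On Prem


def reconcile_phase(scope_prefix, planned, cloud, onprem_after):
    """Each mapping is path -> SHA-256 hex digest; onprem_after is the old
    environment's inventory taken after the phase was declared complete."""
    report = PhaseReport()
    for path in sorted(planned):
        if path not in cloud:
            report.missing_in_cloud.append(path)
        elif cloud[path] != planned[path]:
            report.corrupted.append(path)
    for path in sorted(onprem_after):
        if not path.startswith(scope_prefix):
            continue  # belongs to a later phase
        if path not in planned:
            report.shadow_data.append((path, "never in the migration plan"))
        elif cloud.get(path) == planned[path]:
            report.shadow_data.append((path, "verified in cloud, not removed"))
        # otherwise keep it: the On Prem copy is still needed for a re-copy
    return report


# Constructed sample inventories for a hypothetical phase 1 covering "/hr/".
PLANNED = {"/hr/payroll.csv": digest(b"payroll"),
           "/hr/reviews.docx": digest(b"reviews"),
           "/hr/badges.db": digest(b"badges")}
CLOUD = {"/hr/payroll.csv": digest(b"payroll"),
         "/hr/reviews.docx": digest(b"reviews-truncated")}
ONPREM_AFTER = dict(PLANNED, **{"/hr/old_export.bak": digest(b"export"),
                                "/finance/ledger.db": digest(b"ledger")})

if __name__ == "__main__":
    r = reconcile_phase("/hr/", PLANNED, CLOUD, ONPREM_AFTER)
    print("missing:", r.missing_in_cloud)
    print("corrupted:", r.corrupted)
    print("shadow data:", r.shadow_data)
```

A phase is only closed when all three lists are empty; the out-of-scope `/finance/` entry is ignored until its own phase runs.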

6)     Giving too many permissions:

Once you have migrated to the Cloud, one of the next major projects that you need to work on is giving all of your employees the rights and permissions that they need to conduct their job tasks on a daily basis. You always want to observe the principle of Least Privilege, in which you give no more and no less than what is absolutely required. There are tools now which make this process easier, such as Azure Active Directory. But the problem here is that by accident, you can give away too many permissions that you don’t intend to. Like Server Sprawl, this has become known as “Permission Creep”. How can you avoid this from happening? Use the Privileged Access Management (PAM) tools that are available. I know for a fact that Azure has some great tools that you can use as well.
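
One common way permissions get handed out by accident is through nested group membership. The added example below (not from the original post, and not any vendor's API) resolves each user's effective permissions through nested groups and reports anything above a Least Privilege baseline for their role; all user, group, role and permission names are hypothetical, constructed sample data.

```python
def effective_permissions(principal, member_of, direct_grants, _seen=None):
    """Union of direct grants and everything inherited through nested groups."""
    seen = _seen if _seen is not None else set()
    if principal in seen:  # guard against circular group nesting
        return set()
    seen.add(principal)
    perms = set(direct_grants.get(principal, ()))
    for group in member_of.get(principal, ()):
        perms |= effective_permissions(group, member_of, direct_grants, seen)
    return perms


def permission_creep(users, member_of, direct_grants, role_baseline):
    """Return {user: sorted permissions held beyond the role's baseline}."""
    findings = {}
    for user, role in users.items():
        held = effective_permissions(user, member_of, direct_grants)
        excess = held - role_baseline[role]
        if excess:
            findings[user] = sorted(excess)
    return findings


# Constructed sample: alice was added to "migration-team" for the cut-over
# and never removed; that group is itself nested inside "storage-admins".
USERS = {"alice": "hr-analyst", "bob": "helpdesk"}
MEMBER_OF = {
    "alice": ["hr-staff", "migration-team"],
    "bob": ["helpdesk-staff"],
    "migration-team": ["storage-admins"],
    "storage-admins": ["migration-team"],  # circular nesting, handled above
}
DIRECT_GRANTS = {
    "hr-staff": {"hr-share:read"},
    "migration-team": {"hr-share:write"},
    "storage-admins": {"storage:delete", "storage:manage-keys"},
    "helpdesk-staff": {"tickets:write", "users:reset-password"},
}
ROLE_BASELINE = {
    "hr-analyst": {"hr-share:read", "hr-share:write"},
    "helpdesk": {"tickets:write", "users:reset-password"},
}

if __name__ == "__main__":
    for user, excess in permission_creep(
            USERS, MEMBER_OF, DIRECT_GRANTS, ROLE_BASELINE).items():
        print(f"{user}: remove or justify {excess}")
```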

My Thoughts On This:

The mass migration to the Cloud really started when the COVID-19 pandemic hit back in 2020. It is not slowing down, and recent statistics show that 95% of all business processes will be done in the Cloud by 2025, and that at the current time, the average Fortune 500 company uses some 2,000 different Cloud based services on a daily basis. (SOURCE: https://www.darkreading.com/cloud/7-critical-cloud-threats-facing-enterprise-2023).

The Cloud can be a very exciting environment to be in, but keep in mind that it too is growing, and that there will be pains along the road, as just described in this blog. As also mentioned, your best way to navigate all of this is to work with a reputable CSP, and come up with a phased-in plan for migration. Also remember that your employees will be accessing the shared resources here, so keeping up with Security Awareness Training on a regular basis will be key here as well.
