Skip to main content

Poor security hygiene is affecting cloud rollouts

(Image credit: Image Credit: TZIDO SUN / Shutterstock)

Cybersecurity experts from Palo Alto Networks believe they’ve figured out why cloud misconfigurations (opens in new tab) happen so frequently.

According to the company's latest cloud threat report, businesses hurry to automate as much of their cloud infrastructure build processes as possible, and in so doing create new infrastructure as code (IaC) templates.

As this is happening “without the help of the right security tools and processes”, businesses end up creating infrastructure building blocks that are filled with “rampant vulnerabilities”.

According to the report, businesses are using more than 200,000 insecure templates, with roughly two-thirds (65 per cent) of cloud incidents occurring due to “simple misconfigurations”.

More than four in ten cloud databases (43 per cent) are not encrypted, and six in ten cloud storage services have logging disabled.

The report states that IaC allows businesses to enforce security standards in a systematic way, but they are not utilising the benefits.

"It only takes one misconfiguration (opens in new tab) to compromise an entire cloud environment. We found 199,000 of them,” said Matthew Chiodi, Chief Security Officer of Public Cloud for Palo Alto Networks.

“The good news is infrastructure as code can offer security teams many benefits, such as enabling security to be injected early into the software development process and embedding it into the very building blocks of an organisation’s cloud infrastructure.”

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.