Cloud Security - a Shared Responsibility
Why is Cloud Security such a big challenge?
Many organisations seem to struggle with insecure cloud environments even though their Cloud Providers (Microsoft Azure, Amazon AWS, Google GCP) provide them with all the tools they need to create secure platforms.
We did some research in the market and also looked at our ARGOS customers using one specific example:
TLS 1.0 and 1.1
Both these versions have been deprecated and even the NSA issued guidance on how to replace them (https://www.securityweek.com/nsa-issues-guidance-replacing-obsolete-tls-versions).
However, when customers initially onboard ARGOS to their environment or in Social Media polls we often see that customers are not enforcing TLS 1.2, even though Azure, AWS and GCP clearly support this.
Why is that?
Cloud Security includes all parties
Cloud Security requires for everyone to come to the party. Just because the Cloud Provider supports something does not mean it is automatically enforced across the board. It might also be the case that a cloud resource was deployed by a customer and after that happened the Cloud Provider introduced a new default. Specifically, TLS1.1 might have been the default TLS version enforced when a database was deployed, but later the Cloud Provider changed this to TLS1.2. This setting will not be applied to the database automatically, it requires a person to make that change.
It requires someone to know that this new setting is available and also know which cloud resources are currently not configured to use this setting, and which of those services need to be prioritised to be fixed to reduce the overall technical and potentially business risk.
ARGOS detects old TLS versions
In the first paragraph I mention that customers that initially onboard to ARGOS find many services still running old, insecure and deprecated TLS versions. That is not the case for too long. We see all our customers take fast action to remediate those issues either using ARGOS's builtin remediation feature or fix the issue outside of ARGOS and at the same time be able to make informed decisions thanks to our contextualised detections and resource graphs showing exactly which resource is being misconfigured and how it relates to other resources.
So, why is Cloud Security such a big challenge? We believe it is because of the many, constant changes the Cloud Providers introduce (curse and blessing) and organisations are trying to play catch up while also aiming to build a robust cloud platform.
ARGOS has shown over and over again that organisations have this problem and want assistance and ARGOS is their partner in this.