Companies are moving to incorporate the cloud into their computing infrastructure at a phenomenal rate. This is, without question, a very positive move. It permits companies to scale processing resources up and down in response to changing demands, giving companies the operational equivalent of unlimited resources while paying only for the resources that are actually used.
But there are side effects. Every trend that changes the computing infrastructure being protected has the potential to generate a change in the systems used to provide protection.
Trends & The Problems They Bring With Them
The Cloud Explosion
The move to the cloud would be better described as a stampede than a migration. According to a recent Uptime Institute survey of 1000 IT executives, a majority believe that more than 50% of workloads will reside in the cloud. Attendees at 2017 AWS Re:Invent believe that 83% of workloads will be in the cloud by 2020. Cisco believes that 94% will be cloud-based by 2021.
Moving all of these workloads into a new technical environment will require millions of IT professionals to become knowledgeable about cloud operations. The influx of inexperienced people will create new security risks when they misconfigure cloud subscriptions, storage configurations and other systems. This problem is already evident today. According to a recent survey of 300 security professionals, 51% reported that their companies experience misconfigurations at a rate exceeding 50 per day. In these companies, one full time equivalent engineer is required simply to correct newly introduced configuration errors.
To compound the problem a little further, a recent Forbes article states that 81% of surveyed companies employ a multi-cloud strategy. Companies wish to use multiple cloud providers to create resilience against failures/outages.
The presence of three or more cloud providers force security personnel to monitor assets in each environment. Each cloud provider supplies unique tools to do this job. The range of new tools then requires personnel to be trained and kept up-to-date on rapidly emerging features. The output from those specialized security tools must then be integrated into the company’s overall security infrastructure. Whenever any tool is changed in any of these systems, there is the potential for the connected systems to be broken. The complexity of security systems scales geometrically.
And finally, there is the trend toward SaaS services. Of all of the fast growing cloud services, Software-As-A-Service (SaaS) is the fastest. According to Cisco, SaaS growth was estimated to be 22% between 2016 and 2021. In terms of the number of installed workloads on IaaS, PaaS and SaaS, SaaS easily outstrips the other two by approximately four times.
Companies use SaaS services like Office 365, Salesforce.com, Slack, Google Docs and Webex to name just a few. Finances Online reports that the average company will use 16. Once again, the trend makes a great deal of sense. Instead of placing software on hundreds, if not thousands of machines and managing upgrades, configurations and databases for them all, the data is centralized and managed by the SaaS vendor. The subscriber focuses their IT resources on differentiating the subscriber’s products and services instead of maintaining operational infrastructure.
It is not possible to manage a SaaS using the same tools that were employed in on-premise installations. On-premise tools frequently operate at administrative levels of the operating system to track file and configuration changes. Monitoring databases and infrastructure elements also require a variety of agentless and agented techniques. The old, trusted toolchain for doing security assessments is not applicable to SaaS monitoring because the points of contact are necessarily hidden from the users.
What Cloud Management Assessor (CMA) Brings To The Table
Tripwire’s Cloud Management Assessor takes a number of steps that mitigate the problems associated with cloud migration.
- For Tripwire’s on premise TE customers, CMA permits them to monitor cloud assets while leveraging their existing investments in acquisition, integration and training.
- CMA monitors security configurations for Salesforce.com today. Over time, additional SaaS applications will be added to expand your visibility.
- CMA makes it possible to monitor the configuration of cloud subscriptions and storage element configurations for AWS, GCP and azure. This configuration data can alert users when an unanticipated change occurs. Storage elements that have accidentally been exposed to the Internet can be identified quickly.
- Monitors storage configurations to make sure that they are not accidentally exposed to the Internet.
- Whether cloud accounts and storage are located on AWS, Azure or GCP, CMA has the ability to collect data from all of these cloud providers and present it to operators in a single, consistent presentation.
If your company is aggressively moving its processing workloads into the cloud, Tripwire’s Cloud Management Assessor can help you provide the visibility that you need.