Mistakes, not vulnerabilities
The fact that privileged users can bring down a whole AWS environment, with critical applications and sensitive information, isn’t the fault of the cloud. It highlights the fact that for many organizations the security implementation is weak. Administrators need to apply the same rigorous controls they have had in their datacenters to their cloud infrastructures.
Many of these configuration mistakes are not difficult to fix, and they mitigate a large range of potential issues, freeing up administrators to handle more in-depth tasks, such as running a vulnerability scanner like Amazon Inspector or Tenable Network Security’s Nessus. But first things first, and that means bringing security hygiene to the cloud.
Sign up for CIO Asia eNewsletters.