AWS Security – What Makes Misconfiguration Critical?

AWS Security: What Makes Misconfiguration Critical
May 4, 2019

These days, enterprises are moving to cloud faster than expected, thanks to its various benefits, which include Reduced IT Costs, Scalability, Business Continuity, Collaboration Efficiency, Flexibility of Work Practices, and access to automatic updates.

The Amazon Web Services (AWS) is a leading public cloud provider that is well-known for its wide range of features, reliability, scalability, and security. But just shifting to AWS doesn’t guarantee the fool-proof security on the cloud as a simple user misconfiguration could have a disastrous impact on your business by exposing your security credentials and customer information to malicious use.

User Misconfiguration: A Major Threat to AWS Security

RedLock Inc. has recently published a research report finding many security issues primarily caused by simple user misconfigurations on public cloud platforms, with Amazon Web Services Inc. (AWS) figuring prominently. “Shockingly, the team determined that 82 percent of databases in public cloud computing environments such as Amazon Relational Database Service and Amazon RedShift are not encrypted,” the report said. It also identified several other issues besides sensitive data being left exposed, including weak network controls, poor governance, developer-caused security risks and tough compliance complications.

“On a similar note, RedLock CSI researchers also discovered that 40% organizations using cloud storage services such as Amazon Simple Storage Service (Amazon S3) had inadvertently exposed one or more such services to the public,” the report said. “In March 2017, at least 20,000 customer records containing sensitive data were exposed at Scottrade due to such a misconfiguration.”

Kromtech Security researchers have discovered yet another unsecured Amazon S3 bucket. This time, the cloud server in question was linked to HIPAA-covered entity, Patient Home Monitoring, a vendor that provides U.S. patients with disease management services and in-home monitoring.

The misconfigured server contained the lab results and other patient files of about 150,000 patients. The files were stored in a publicly accessible bucket that was left unprotected by a password, according to researchers.

What Makes Misconfiguration Critical?

A misconfiguration could be termed as critical in following cases:

  • If a misconfiguration can be leveraged in a direct data breach.
  • If a misconfiguration reduces or eliminates security or compliance.
  • If a misconfiguration enables trivial attacks on your AWS console.
  • If a misconfiguration can be leveraged in a more complex attack.

How To Identify Critical AWS Misconfigurations?

The best way to identify critical AWS Misconfigurations is to scan for them by running a configuration audit as soon as you move to cloud and every time you make a change in the environment. We also have an internally built tool that looks up your infra on cloud and will not only help you in knowing your critical AWS Misconfigurations but also give you an opportunity to correct them before they fall into wrong hands and result in massive security and data breach.

Consult AWS Security Experts

To identify and correct your AWS misconfigurations, you can consult AWS Security Experts 

[ Read Next: AWS Cloud Security- Why should you opt for enterprise cloud security? ]

To get the latest insights, research and expert articles on AWS Services, Cloud Migration, DevOps and other technologies, subscribe to our Blog Newsletter here. For AWS Case studies and success stories, visit Case Study Section

Cloud Computing Insights and Resources

gen ai evolution of cloud computing

Future-Proofing Infrastructure: How Generative AI Shapes the Evolution of Cloud Computing 

The reality of cloud computing stands at the edge of a vast transformation, all thanks to the emergence of Generative […]

cloud computing security

What are the security issues in cloud? 

What is cloud?  Cloud computing refers to the delivery of computing services, including servers, storage, databases, networking, software, analytics, and […]

generative ai

Journey into the World of Generative Artificial Intelligence

Generative AI, the new wave in the dynamic landscape of cloud based artificial intelligence. Gen AI has smoothly emerged as […]