The increasing use of homework makes critical applications in the public cloud vulnerable, warn the security experts. Moving to the home office allows companies to continue working. Still, there is also a downside: Employees at home are not protected by the security controls available on the company network.
The likelihood of theft and publication of access data and compliance violations through working in the home office increases significantly. Therefore, according to Radware, companies need an automated mechanism to ensure business continuity and secure their cloud environment.
Increased Risks From Working From Home
Home networks are less secure than corporate networks, which can lead to compromise. For example, there may be multiple devices on a home network. If one of them is infected or the router is insecure, the credentials will be compromised increases. Add to this the increased Internet use by other family members who may not adhere to proper security protocols.
Another problem: Dev and DevOps teams may include abbreviations to give users quick and easy access to systems, applications and databases. This inadvertently exposes users to cyber threats from the Internet. Human error plays a major role here. For example, if access should be granted from an employee’s home network, but access rights were granted instead to a larger network. Similarly, excessive permissions – which are considered the greatest threat in the cloud – can lead to a major security incident if these credentials are misused or stolen by the user.
Best Practices For Remote Access
Despite these challenges, there are various ways that organizations can ensure that employees can securely perform their tasks in the cloud from their home office:
- Activation of multi-factor authentication for users with console access and the root user
- Avoid inactive users and respect the principle of least privilege by revoking permissions from users with IAM policies that allow full administrative privileges.
- Activation of relevant cloud logs (e.g. CloudTrail / activity logs)
- Those responsible must ensure that they are informed about all publicly accessible systems, memories, databases, etc.
- You also need to be aware of all security groups that allow access from 0.0.0.0.0 / 0.
Organizations need an automated mechanism to ensure business continuity by securing their cloud environment and following best practices for cloud security. With Cloud Workload Protection Service, you receive detailed reports that provide deep insight into the cloud configuration and performance. The service enables stronger user authentication and reduces the surface area of attack by detecting users and roles with excessive IAM permissions. In addition, it can detect and prevent the public exposure of various cloud assets and detect network and cloud-native attacks.