IT teams' heavy reliance on AWS leads to security blind spots - report
Vectra AI has released the results of a new security report on the state of platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS), which found that organisations are heavily relying on Amazon Web Services without properly checking for security blind spots.
According to the State of Security Report: PaaS & IaaS, 78% of the 317 IT professionals who use AWS run the platform across multiple regions, with close to half (40%) running them across at least three different regions.
Further, 71% of respondents use more than four AWS services, and 29% use three AWS services including EC2, IAM, and S3.
Half (50%) of all respondents deploy new workloads or services weekly, while 14% deploy daily, 21% deploy monthly, and 14% deploy ‘very rarely’.
Despite this increase in usage and region spread, respondents may be leaving critical gaps in their security. The survey found that all respondents had reported at least one security incident that happened within their public cloud environment.
Of those surveyed, 30% do not use a formal signoff before pushing to production, 40% do not have any kind of DevSecOps workflow, and 71% say that more than 10 people can modify their entire AWS environment infrastructure.
The report notes, “Compromising even one of these accounts can spell disaster for the organisation, and while most are well aware that this level of access poses a real risk, only 9% of respondents are not concerned about AWS security threats.”
Vectra AI senior consulting analyst Matt Pieklik says that despite these blind spots, security in the cloud is almost impossible because of its constantly changing nature.
“To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness.”
The report also found that organisations are investing in security operations, with more than half reporting more than 10 employees in their security operations centre (SOC).
The report states that security professionals and DevOps engineers need to be empowered to:
Security can be enhanced by empowering security professionals and DevOps
• Reduce the risk of cloud services being exploited
• Rapidly detect threats against IaaS and PaaS environments such as AWS
• Automate response to attacks on applications running on AWS.