One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8599154 |
| Date de publication | 2024-10-17 10:00:00 (vue: 2024-10-17 10:11:59) |
| Titre | Les pièges de l'étalement des nuages et comment les éviter Pitfalls of Cloud Sprawl and How to Avoid Them |
| Texte | The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Cloud computing has become a boon to organizations due to its flexibility, scalability, and cost-effectiveness. However, without proper oversight, it evolves into an untidy collection of cloud instances, platforms, and resources cascading through the enterprise environment. While this growth typically aligns with increasing operational needs, it leads to a phenomenon dubbed cloud sprawl, a situation that presents both economic and security risks. In many companies, departments independently deploy cloud services or virtual machines to streamline tasks. Employees can also opt for unauthorized cloud instances (shadow IT) to boost convenience. According to a Netskope research, an eyebrow-raising 97% of cloud applications used in the enterprise are unmanaged and freely adopted by employees and organizational units. This may seem like minor foul play for the sake of higher productivity, but the downside soon becomes evident. IT teams lose visibility over the “snowballing” cloud ecosystem that suddenly lacks centralized control and potentially opens up a Pandora’s box. Walking a Security Tightrope When cloud sprawl takes over, security problems surface. Without unified oversight, applying consistent security measures across the board becomes an arduous task. This lack of control can impact the company’s security in several ways: Data security gaps: Shadow IT, coupled with too many isolated cloud environments, makes it difficult for IT and security teams to keep a record of sensitive data effectively. This leads to potential data leak or loss. IAM challenges: Cloud accounts that are no longer maintained tend to have weak access controls. This condition complicates identity and access management (IAM), making it harder to protect credentials like API keys and tokens. Expanded attack surface: Each unused or poorly managed cloud resource can become a blind spot, making the environment more vulnerable to cyberattacks. Outdated software, misconfigured settings, and unauthorized access points give malefactors more avenues to exploit. Compliance repercussions: When it comes to regulatory compliance, fragmented data across multiple clouds throws a spanner in the works. Standards like GDPR, HIPAA, and PCI DSS require clear control over data integrity and traceability, but when data storage and security practices aren’t unified, demonstrating compliance becomes a tall order. These risks entail operational difficulties as IT teams juggle vulnerability management, access controls, and security monitoring. Letting the situation slide creates loopholes for cyber threats. A centralized cloud management approach ensures that growth doesn’t outpace oversight. Operational and Financial Fallout Cloud sprawl doesn’t just affect security; it also strains budgets and resources. Orphaned or underused cloud instances add to operational costs and make it hard for organizations to track and optimize their cloud spending. The result is an inflated cloud bill, driven by inefficiencies that could otherwise be avoided. The proliferation of duplicate resources and data across platforms drains processing power, slowing down business-critical |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | about access according accounts across action add address addressing adhere adopt adopted affect affecting aim align aligns all along also any api application applications applying approach arduous are aren’t around article asset associated attack audits authentication author automation avenues avoid avoided become becomes beef below best better between bill blind board boon boost both box break budgets business but can cascading catch centralized challenges: check clear cloud clouds cnapp collaboration collaboration: collection combining comes communication companies company’s compliance complicates comprehensive computing condition conducted consider consistency consistent content continuously control controls convenience cost costly costs could coupled cover create creates credentials critical cross cyber cyberattacks cybersecurity data decentralized declutter demonstrating department departments deploy deploying detection difficult difficulties does doesn’t done down downside drains driven dss dubbed due duplicate each economic ecosystem educating effective effectively effectiveness efforts emerging employee employees encourage encryption endnote endorse enforce enough ensure ensures entail enterprise entire environment environments essential establish everything evident evolves expanded experiences expertise exploit eyebrow factor fallout fertile financial flexibility following foul fragmented freely from gaps: gdpr give gives goals governance governance: ground growth handling hard harder has haul have head healthy help higher hipaa holistic how however human iam identify identity impact implement incident increased increasing independently inefficiencies inflated information infrastructure innovation instances integrity interoperability isolated it’s it: its juggle just keep keys lack lacks leaders leads leak least letting levelblue leveraging like long longer loopholes lose loss machines maintained make makes making malefactors manage managed management managing many may measures minimize minor misconfigured misuse monitoring more multi multiple must native needs netskope new not offers one only open opens operational operations opt optimize order organization organization’s organizational organizations orphaned otherwise outdated outpace over oversight pandora’s pave pci permissions phenomenon pitfalls platform platforms play points policies poorly positions post posture potential potentially power practices presents prevent principle prioritization: privilege proactive problems process processing productivity proliferation proper protect protection provided radar raising rather real record reduce redundant regular regularly regulatory remains repercussions: require research resource resources response responsibility result resurfacing right risks roles rules sake scalability scanning secure security security; seem selecting sensitive service services settings several shadow should silos situation slide slip slowing smooth software solely solution solutions soon spanner specialized spending spot sprawl standards starts stay stop storage strains strategy streamline suddenly sufficient surface surface: swamps takes tall taming task tasks teams technology tend territory tested than them there’s thereby these threat threats through throws tightrope time tokens too tools toward traceability track training training: trends tried turns typically ultimately unauthorized undermines underused unified units universal unmanaged unnecessary untidy unused usage use used user using views virtual visibility visibility: vulnerability vulnerable walking way ways ways: weak what when where without work works |
| Tags | Tool Vulnerability Threat Cloud |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.