Cloud Security: Cloud computing has become a fundamental pillar of operations for businesses and organizations of all sizes. What is easy for users turns out, on closer inspection and from a maintenance point of view, to be complex for administrators. IT security managers should therefore be aware that cloud structures inevitably require patch management and that this task is their responsibility.
More and more workloads and infrastructure are moving to the cloud, which provides mobile and content services and serves as an alternative to traditional network infrastructure. Eight out of ten companies have now developed or are working on a multi-cloud strategy, and around 82 percent of the workloads are already there.
Attack surfaces in the cloud
However, this also increases the risks: because local computing technologies coexist with public and private clouds, the attack surface has increased exponentially and the work of IT security teams has become significantly more complex.
Unfortunately, although the majority of enterprise cloud environments are based on Linux, systems running this operating system are often overlooked when it comes to cyber security. As a result, they are often misconfigured and/or poorly managed. Cyber criminals are therefore increasingly targeting public cloud infrastructure and Linux systems for ransomware and cryptojacking attacks. They know their campaigns can scale by exploiting common misconfigurations and vulnerabilities in popular public clouds like AWS and Azure.
Five methods for patch management in the cloud
Securing the growing number of multi-cloud and hybrid IT structures requires integrated patch management that covers not only local technologies but also all resources and methods for distributing cloud workloads. There is no one-size-fits-all approach to patch management for cloud workloads. However, IT managers should follow these principles:
Evaluate the entire infrastructure end-to-end
IT managers need to be able to assess the security of their entire infrastructure at all times, from on-premise technologies to services and infrastructure in the cloud. This is the only way they can determine which security controls are in place and, more importantly, which ones are still missing. Only from this overall perspective can they identify security gaps and misconfigurations and understand how vulnerable their processes, data and systems really are.
Use managed services
The IT infrastructure of organizations is constantly changing, and new security gaps or misconfigurations can be discovered at any time. Managed service providers can help those responsible to identify vulnerabilities in their infrastructure that are not yet related to a specific known threat but can be patched now.
Link patch management, risk management and compliance
Many companies rely on an extensive risk management program to meet regulatory requirements. Through continuous vulnerability management, they can ensure that all systems are secure and that there are no security gaps, and they can prove this.
Integrate patch management with threat detection and response technologies
Patch management is most effective when integrated with a comprehensive cloud workload protection platform that combines it with attack detection and mitigation capabilities. No patch is available for zero-day risks. However, with an integrated solution, security teams can leverage the power of endpoint detection and response functionality. This can help close the current vulnerability and better identify and proactively patch similar vulnerabilities in the future.
Consolidate technologies
Patch management isn't just about determining that a patch is needed and then deploying it. Rather, it is a complex process, from staging to testing to configuration management. Using several different technologies for vulnerability assessment, patch management and countermeasures costs time, resources and therefore money. IT teams can simplify and automate their security processes with a single comprehensive security platform that provides visibility and control across the entire infrastructure, including all systems that distribute cloud workloads.
Patching in the cloud is the responsibility of the user
IT managers must never forget one thing: every user is responsible for their own cloud security. Hackers benefit from the fact that many users do not know this or ignore it. Administrators or CISOs are often unaware of the implications of the shared responsibility model for cloud assurance. Too many cloud users still don't realize that cloud service providers are only responsible for the infrastructure. Patching and securing the operating systems, applications and workloads, especially in the case of Infrastructure-as-a-Service offerings, is the responsibility of the users of these cloud services. Ultimately, this applies to all data stored or processed in the cloud, regardless of the service model. Therefore, continuous patch management, especially for Linux and cloud workloads, should be high on the agenda of those responsible.
About Bitdefender
Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de