Security breaches in the cloud caused due to preventable misconfigurations are a huge problem. There are certain questions pertaining to cloud operations of an organization that gives CIOs a clear picture about cloud security landscape. Are we at risk? What do we know about the security breaches? What can be done about it? 80 percent of cloud breaches are due to customer misconfiguration, mismanaged credentials, or insider theft and not cloud provider vulnerabilities. For any organization, this can result in dire consequences like steep regulatory fines, loss of customer data and damage to the brand reputation.
As compared to the data center, the cloud allows for much faster innovation, however, since cloud infrastructure is highly dynamic and transient, the security solutions being relied on in the data center doesn’t work in the cloud. Trying to secure everything at one go is a Sisyphean attempt and security professionals need to slow down their operations and think differently. Reintroducing a metric familiar to every IT professional is the first step towards thinking differently in cloud security. Mean time to repair (MTTR) is one such cloud security measurement that every chief information security officer should know. Automatic repair of the misconfigurations of the entire cloud infrastructure with immediate effect is of the utmost priority.
There are steps to be taken that would ensure the MTTR is zero in most cases. Unless one has a battery of cloud security experts at their beck and call, even a good MTTR can be measured in hours or days, which is bad considering it poses a great risk in the grand scheme of things. Or it may so happen that the MTTR is measured in weeks or even months, which is just prepping up for a massive data security breach. Nonetheless, the good news is that it is possible to bring MTTR down to minutes for any cloud misconfiguration.
The biggest threat to enterprise cloud infrastructure is time delays any threat which is not immediately found and fixed would heighten security risk. Without further ado, the security enforcement must enforce the full infrastructure stack; including the network, computer, storage, and numerous other cloud services. There are no two ways about it as any misconfiguration can expose your system and data. This is why continuous monitoring, automation built on policy-as-code and automated repair are the means to an end that would secure the cloud infrastructure and help generate an MTTR score that matters.