Why configuration drift is the not-so-silver lining of cloud technology

Earlier this year, it was revealed that Australia’s appetite for greater cloud capabilities is still growing. Research  predicts cloud service spend to increase by 17.6% this year alone. This spending trajectory demonstrates Australia’s commitment to cloud technology.

A wise commitment given the endless possibilities that cloud offers organisations. However, it is equally important to invest in maintaining and securing your cloud environments. Failing to do so can result in a wasted expenditure and exercise that fails to deliver against operational goals and predicted ROI.

“There are a lot of inbuilt security functions in modern cloud computing, but good security doesn’t come as an out of the box solution,” says Hussein Muslmani, Head of Cloud and Security at Triforce.

According to Muslmani, in order to both establish confidence in your cloud security and remain compliant you need to do two things.

  • Take the time to configure your cloud security correctly; and
  • Monitor it. Regularly.

“In order to maximise your cloud investments, you need to configure your IT in line with your business policies and processes. This is an ongoing exercise, not just something you do during implementation. As with any plan, things change and processes evolve, so it is easy to fall victim to configuration drift,” explains Hussein.

Configuration drift happens to everyone, and it is increasingly the root cause for many cyber-attacks.

Three ways configuration drift is (accidentally) exacerbated

  1. Identity access mis-management

Whilst cloud technology is attractive thanks to the extensive dynamic capabilities it offers, a study by Microsoft indicates that more than 90% of cloud identities are actually using less than 5% of the permissions granted to them.

“Identity management and role-based access is an incredibly effective tool to have in your cybersecurity armoury. But once again they need to be aligned to, and driven by, clearly established organisational policies. If not, by granting unnecessary access to users, you can inadvertently create vulnerabilities,” explains Hussein.

By looking closer at your identity management and access controls you can significantly reduce vulnerabilities and limit configuration drift.

  1. Disparate or conflicting policies

With compliance requirements both locally and internationally intensifying, organisations are working hard to ensure they remain compliant. According to Muslmani, this focus on compliance can often be detrimental to cloud environments and generate drift.

“Whilst it is obviously important to remain compliant, this need to be part of a bigger picture. If you focus on adapting policies solely to be compliant, without considering the ripple effect across broader business policies and activity, you can very easily create configuration drift and thus weaken your security posture,” says Hussein.

  1. Time

The commercial and technological landscape is changing so rapidly that the greatest cause of configuration drift is simply time itself.

“Cloud is popular because it is scalable and can adapt to businesses as they, and their users, evolve. You can only predict this change to a certain extent, really there is no way of configuring cloud controls today to best serve your business in 12-18 months,” notes Hussein.

How to combat configuration drift and ensure your Cloud is secure

To strengthen your security posture, limit configuration drift and remain compliant, Muslmani recommends implementing thorough and frequent monitoring of Cloud environments.

“There are multiple options to explore including solutions that offer real time monitoring, sporadic penetration testing, auditing against key frameworks. If you’re not sure where to start though, or even if you have any configuration drift, the best option is to undertake a thorough assessment,” says Hussein.

Triforce has partnered with British Telecom (BT) to create a cloud assessment  designed to give actionable outputs and help businesses strengthen their cloud security. To find out more or to speak to a specialist regarding your cybersecurity concerns contact the team today. 


Send Enquiry