As organizations implement a Cloud First initiative to migrate on-premises data center functionality to cloud services, their view of their data changes. Though they gain cost savings, they lose security and insight into their applications and infrastructure. Security must begin with visibility. Most organizations struggle to create a holistic view of user access permissions, resource inventories such as servers and databases, API traffic, and user activity within their public cloud infrastructure. Other common issues customers face in the cloud include:
+ Managing the outbound traffic
+ Limiting your exposure
+ Limiting SSH connections
+ Root/organization owner accounts

While cloud providers offer identity and access control tools, most organizations lack the policies that map each job responsibility to the minimum set of privileges it requires. Furthermore, security groups are not typically built with the least privilege model in mind, as the access required is often wide-ranging. Finally, turning on security logging and monitoring is imperative, as it provides visibility into unauthorized access attempts, access/permission usage, API call information, and configuration deployment events.
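
As an added example (not from the original article), the sketch below audits security groups for three of the issues listed above: SSH reachable from anywhere, wide-ranging port rules, and unrestricted outbound traffic. It assumes the JSON shape returned by AWS `describe-security-groups`; the group IDs, the sample rules and the `WIDE_PORTS` threshold are constructed for illustration.

```python
import ipaddress

WIDE_PORTS = 1024  # assumed threshold for a "wide-ranging" rule; tune to local policy
# Constructed sample, shaped like AWS `describe-security-groups` JSON (assumption).
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-web",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-example-db",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "10.20.30.0/24"}]}],
     "IpPermissionsEgress": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]

def _cidrs(rule):
    # Every IPv4 and IPv6 range attached to the rule.
    return ([r["CidrIp"] for r in rule.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])])

def _is_world(cidr):
    # A zero-length prefix (0.0.0.0/0 or ::/0) matches every address.
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def _tcp_span(rule):
    # Port range the rule opens for TCP; None for protocols this check ignores.
    if rule["IpProtocol"] == "-1":  # all protocols, all ports
        return 0, 65535
    if rule["IpProtocol"] != "tcp":
        return None
    return rule["FromPort"], rule["ToPort"]

def audit(groups):
    """Return (group_id, finding, cidr) tuples for rules that break least privilege."""
    findings = []
    for g in groups:
        for rule in g.get("IpPermissions", []):
            span = _tcp_span(rule)
            for cidr in (_cidrs(rule) if span else []):
                if _is_world(cidr) and span[0] <= 22 <= span[1]:
                    findings.append((g["GroupId"], "ssh-open-to-world", cidr))
                elif span[1] - span[0] + 1 > WIDE_PORTS:
                    findings.append((g["GroupId"], "wide-port-range", cidr))
        for rule in g.get("IpPermissionsEgress", []):
            for cidr in _cidrs(rule):
                if _is_world(cidr) and rule["IpProtocol"] == "-1":
                    findings.append((g["GroupId"], "unrestricted-egress", cidr))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_GROUPS), sep="\n")
```

Each finding names the group and the offending range, so it can be fed into a ticket or a periodic report alongside the logging and monitoring data described above.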