Common “Gotchas” with Cloud Security Tools

Written By: Alex Cowperthwaite

Companies need to move to the cloud in order to stay competitive. According to a recent McKinsey report, 61% of companies that increased their revenue over the past three years have accelerated their digital transformation timeline. These changes are going hand-in-hand with increased focus on data security. According to that same report, 54% of business leaders believe the increase in cloud migration from the beginning of the COVID crisis is a change that will continue, and 53% believe the increase in security focus will continue.

However, the landscape of cloud security tools can be confusing. Just as with other aspects of moving to the cloud, some research and thoughtful planning now can help you avoid problems later. Knowing your goals, and knowing how each tool in your environment will help you reach those goals, will help you make better decisions and avoid common pitfalls.

If you keep these tips in mind, you can make sure that you are getting the most from your cloud security tools.

Don’t Just Use Tools, Choose the Right Tools

There is a broad range of cloud security tools available, but not every tool serves every cloud security need. As your business accelerates its digital transformation efforts, you need the right tools at hand to automate configuration, enforce identities and privileges, scan code, and assess compliance. Not every tool can do all of these functions, so it is up to you to select tools based on your needs and your security goals.

The landscape of tools can be confusing. There is a wide range of security tools out there, with new buzzwords and categories seeming to arise all the time. The cloud security tools list on this year’s Gartner Hype Cycle features 29 different categories. It is easy to get distracted by the ever-changing landscape of options. Though it is worthwhile to learn about new tools and think about which are worth adopting, that is no reason to make rash decisions.

More than anything, make sure you are doing the cloud security basics well, and achieving the goals of your cloud security policy framework and cloud security architecture design. Those foundations for cloud security include:

  • Identity and access management
  • Data classification and encryption
  • Configuration management and auditing
  • Compliance policy management and tracking
  • Assessing the security of software and libraries
  • Securing legacy systems used alongside cloud services
  • Centralized management and monitoring of cloud assets and security

With these foundations in mind, you can start to assess the cloud security tools you are considering. Before adopting a cloud security tool, make sure that you are aware not only of what it does, but of how it will fit into your environment, how it will strengthen your cloud security posture and goals, and how well it will integrate with other security tools that your organization already depends on. This way, you will make sure that you are spending your money and time in ways that will meaningfully improve your cloud security posture.

Fight Against Tool Sprawl

Having the right tools to cover all of the cloud security fundamentals matters. There are many cloud security tools available, and you will need multiple tools to cover all of the essentials for your security program. Still, there is an upper limit.

Tool sprawl is a real problem: having too many security tools leads to too much to manage, and too many alerts. Many organizations are so overwhelmed with alerts that a quarter or more of their security alerts are relegated to background noise. Tool sprawl also leads to duplication of alerts and coverage: a simple configuration issue can cause duplicate alerts and require distinct remediation efforts in multiple platforms, which can ultimately lead to conflicting views of your cloud infrastructure security. Having too many tools can lead to missing security incidents: the exact opposite of the desired result.

In addition to alert fatigue, adding tools can also expand the attack surface. Security software, just like any other kind of software, can have vulnerabilities, and requires tracking and maintenance. Tools that are not regularly updated, or that use insecure communication protocols, often become targets for hackers. So, a cloud security tool that is not regularly updated, or is not properly configured, can be an attacker’s way in.

The solution to tool sprawl involves both planning and documentation. Instead of constantly adding new security tools to the environment, be thoughtful about which tools you add and the role each one serves. If a tool is not doing what it should, or your analysis shows that another tool would do better, go ahead and replace the underperforming tool. But make sure that you are going about it in a sustainable fashion: choose tools that work well together and integrate well with your workflows, document which tools you are implementing and for what reasons, and make sure your security, infrastructure, and operations staff are trained on using and responding to those tools.

Be Smart About Open Source

Open source solutions, in cloud security and generally, are worth considering. There is a wide range of open source cloud security tools designed to help with such security tasks as configuration management, intrusion detection, infrastructure monitoring, and security analytics. As with any other decision related to security tools, you must be thoughtful about it.

Saving money on software licenses is always appealing to financial decision makers, so the free price point stands out to them. However, that does not mean open source software is free in the long run. Evaluating it takes time, including researching the features and stability of the project. Open source projects also need financial support, so many offer a paid support plan. Organizations should consider supporting projects that are critical to their business.

On the other hand, some technical decision makers balk at free cloud security tools due to the price point, and the fact that the open source development model depends on a volunteer team. This is another assumption worth challenging. Many open source security products have strong and reliable histories of development and adoption in enterprises, and they even compare favorably with proprietary products from a security perspective.

In short, open source software should be evaluated from the same standpoints as proprietary software: how secure the tool is, how well it fits in with the existing tools and infrastructure, and how well it fills a gap or solves a problem in the environment.

Reaching Your Cloud Security Goals

As you move to the cloud, you will need security tools to help you manage, monitor, and secure your environment. Choosing the right cloud security solutions can be confusing and overwhelming, because there are so many options and the landscape is changing so quickly. However, remaining focused on your cloud security goals and infrastructure, and keeping your mind on the basics of cloud security, can help you make good decisions and implement the right tools.

Working with an experienced cloud security partner can also help you make smarter decisions. A trusted advisor who has an established track record securing cloud environments can make you more confident than ever that you are choosing the right tools and adopting the cloud securely. No matter where you are in the cloud transition process, working with a cloud security partner can help you clarify your goals and your current level of risk, as well as make better decisions for a secure future.

Learn why some of the largest and most respected companies in the world, including this top 5 entertainment and media firm, trust Security Compass Advisory for their cloud security initiatives. 

If you are interested in learning more about building a secure cloud environment, our Advisory team is ready to listen to you and help you reach your goals.

Alex is a Technical Director. He has extensive experience performing a variety of security assessments including cloud architecture, threat models, web app and infrastructure penetration tests. Alex’s background in reverse engineering and vulnerability analysis combines with years of hands-on experience at Security Compass to provide an adaptable skill set that can tackle almost any unique security assessment. Alex has a passion for leading and mentoring Security Compass consultants to achieve excellence in results.
