Estimated reading time: 2 minutes, 46 seconds

Misconfigured IaaS Implementations Results in Vulnerable Systems Featured

"Danger sign with skull" "Danger sign with skull"

According to research by the Gartner Group, the worldwide public cloud services market is expected to grow to over $266 billion in 2020. This represents a 17% increase compared to spending in 2019. While software as a service (SaaS) is the largest market segment, infrastructure as a service (IaaS) is growing faster than any other component of the cloud computing paradigm. It is expected to reach $50 billion in 2020 with 24% yearly growth. These numbers illustrate the fact that many enterprises are trusting their infrastructure with public cloud providers.

IaaS implementations put more emphasis on customer responsibility than do other forms of cloud computing. When an enterprise moves their infrastructure to the cloud, they are still responsible for areas such as the operating systems, virtual network, middleware, and applications that provide its computing resources. This reliance on homegrown IT talent and procedures can lead to disastrous consequences if it cannot handle the complexities of properly configuring the cloud infrastructure.

The Many Manifestations of Misconfiguration

There are many different issues involved in the misconfiguration of cloud systems which threaten to account for the vast majority of security failures by 2022. The problem with cloud security is not inherently associated with the cloud. The issue lies with the technologies and policies that are used to implement its security and control access to an organization’s computing resources. Here are some of the most important points that need to be considered by enterprises when employing the IaaS cloud computing model.

  • Understanding the division of responsibilities is vitally important when undertaking any move to a public cloud provider. Organizations may have begun their cloud migration by testing the water when using an SaaS offering that provides additional or new functionality to their computing environment. This can leave them with a false sense of security regarding the degree to which they need to be involved in system configuration. Whereas the cloud provider is charged with configuring and securing SaaS instances, this is not the case where infrastructure is concerned. The lines between customer and provider responsibilities need to be clearly understood and agreed to when implementing the IaaS model.
  • Data access and security are of paramount importance in any IT system. These areas achieve even greater prominence in cloud implementations where there are additional entities who may come in contact with enterprise data. Mistakes such as allowing storage devices to be accessible through an Internet connection or failing to turn on encryption to protect enterprise information are examples of this type of oversight. The keys required to access encrypted data should remain with the organization when at all possible to eliminate potential security risks beyond its control.
  • User interfaces and APIs are other areas that need to be addressed when adopting the IaaS cloud model. These interfaces warrant close scrutiny as they are often the only asset with public IP addresses that enable anyone to gain entry into the systems. Weak security regarding interfaces and APIs can result in confidentiality, accountability, and availability problems with the systems behind them. Using standard and open API frameworks can help minimize the complications involved in locking down these potential security gaps.

The cloud offers many benefits to organizations that choose to take advantage of them. Every enterprise that implements the IaaS model needs to acknowledge and address the issues that may lead to system vulnerability or risk catastrophic security breaches.

Read 3395 times
Rate this item
(0 votes)
 Robert Agar

I am a freelance writer who graduated from Pace University in New York with a Computer Science degree in 1992. Over the course of a long IT career I have worked for a number of large service providers in a variety of roles revolving around data storage and protection. I currently reside in northeastern Pennsylvania where I write from my home office.

Visit other PMG Sites:

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.