At the same time, cybersecurity professionals know that this flexibility brings security management challenges. It’s difficult to implement security policies across these disparate systems, or even just keep tabs on evolving usage across many different cloud service providers.
CDW’s Cloud Check service is a complimentary offering that provides CDW customers with access to cloud security posture management (CSPM) solutions that help them inventory their cloud deployments and analyze them for security issues. I’d like to share three stories that illustrate the value that CDW Cloud Check can bring to organizations across industries.
The Value of Cloud Check
First, I recently worked with a security engineer at a biotechnology company. She was facing challenges tracking what other teams in her organization were doing in the cloud and how well operational teams were managing their cloud resources. After running a Cloud Check assessment, we discovered that the organization was using some default configuration settings that jeopardized security; specifically, they had not enabled encrypted access to storage locations containing company data. The engineer took this report to the team managing that storage service and provided them with detailed remediation instructions from the CSPM solution used in their Cloud Check assessment. With this information, they were able to quickly lock down access and protect data from potential threats.
The visibility Cloud Check offers can also benefit smaller organizations with bare-bones IT teams that find themselves overwhelmed by operational demands. I have encountered multiple customers like this who do not have the time to meet the internal demand for IT services themselves, and often reach out to third-party vendors to augment their teams. In one of these recent engagements, Cloud Check’s CSPM tool discovered that a vendor had failed to lock down access to servers it had configured for the organization. Those servers had high-risk protocols exposed to the internet, creating a significant security vulnerability that an attacker could exploit to gain access to the organization’s network. Once again, Cloud Check’s CSPM solution provided detailed remediation instructions that the organization indicated it would bring to the vendor to quickly resolve the issue.
Finally, many of my clients are subject to a variety of legal and regulatory cybersecurity requirements. In recent months, much of that work has focused on compliance with the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act. Cloud Check’s tools allow us to validate existing cloud environments against these regulatory standards, highlighting gaps that require attention. In one recent engagement, we discovered that the cloud security configurations set by a customer did lock down access to its cloud by source IP address, but did not restrict external source entities’ access to specific assets inside the cloud environment. This level of restriction is a common requirement in frameworks such as GDPR. Cloud Check’s CSPM solution identified exactly which security groups were noncompliant and provided the organization with step-by-step instructions for remediation.
In each of these cases, our Cloud Check service not only uncovered security vulnerabilities associated with cloud data and workloads, but also helped customers prioritize more critical findings and obtain valuable information to help address these weaknesses.