The security fallout from the sprint to set up employees' home offices in the COVID-19 pandemic wasn't just about vulnerable endpoints and home networks: Even more worrisome was the rushed adoption of cloud-based technologies as physical offices and security operations centers went dark and home offices lit up.
The hybrid physical and cloud-based IT infrastructure is real now in many organizations, altering the enterprise landscape for 2021 and beyond thanks to COVID-19 prompting organizations to shift to a work-from-home model practically overnight.
Organizations already had been struggling to manage and properly secure their physical IT infrastructures, which had expanded with mobile and Internet of Things devices and risked exposing corporate data.
Now add cloud services to the mix – such as AWS S3 data storage, Salesforce, Slack, ServiceNow, and others – and the potential for blind spots and vulnerable devices multiplies. The infamous wave of leaky AWS S3 storage bucket incidents that began in 2017 and continues today was just a hint of what's to come, given how easy it is to inadvertently mess up cloud security.
The core challenge is visibility and control of what connects to the corporate network, and the cloud has exacerbated an already murky and difficult task. Most reputable cloud-based services actually come with built-in security controls, but it's still up to the customer to manage and configure those settings, and that's often the problem. According to Gartne ..
Support the originator by clicking the read the rest link below.
