5 PaaS and IaaS Security Blindspots That Exist In Organizations

5 PaaS and IaaS Security Blindspots That Exist In Organizations

5 PaaS and IaaS Security Blindspots That Exist In Organizations

Uncovering Security Blind Spots

in IaaS and PaaS Environments

Uncovering Security Blind Spots

in IaaS and PaaS Environments

Joe Malenfant
August 11, 2021

It’s pretty easy to understand why so many organizations continue to move services to the cloud when you take a look at the upside. Greater efficiency, flexibility and speed along with cost savings in many cases—it’s no wonder so many businesses continue to embrace the digital transformation and now find themselves ramping up usage of Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) models. So, if the cloud benefits seem endless, is there a downside?

To gather some insight around the subject, particularly around how organizations are securing their IaaS and PaaS environments, we recently surveyed hundreds of security professionals who work to secure Amazon Web Services (AWS) in their roles. Our latest State of Security Report details how organizations are utilizing AWS as well as the IaaS security trends and PaaS security practices that responding companies are experiencing.  

Download the full report to discover all the eye-opening findings, including how all of the participating organizations have experienced a previous cloud security incident.

For now, let’s take a closer look at 5 of the IaaS and PaaS blind spots that were uncovered:

1. IaaS and PaaS security threats

Cloud platforms are not only popular for companies to build on, but also as a target for attackers as they always seem to find their way towards the masses. 91% of respondents reported being concerned about security threats in AWS, while 41% reported running AWS across three or more regions. This highlights the need for a solution that provides security holistically to see and stop threats across regions as security professionals are looking to automate activities in order to enhance their effectiveness.

2. Risky number of users with access to cloud environments

71% of participating organizations had more than 10 users with access and the ability to modify their entire AWS infrastructure. With more people given more access to the AWS environment, risk exponentially increases. This enhances the challenge of securely configuring the cloud, which is expected to continue for the foreseeable future due to sheer size, scale, and continuous change.

3. Lack of sign-off process

The cloud has expanded so much that securely configuring it with continued confidence is nearly impossible. The survey data shows that almost one-third of organizations that responded don’t have a formal sign-off process before pushing to production, while 64% of organizations are deploying new services weekly or even more frequently. The number of new services being added in combination with more users having access will only increase the risk for an organization.

4. Existing AWS security services provide limited coverage

Organizations are looking for more security coverage than what’s natively available, as over 70% of respondents use more than the bottom three AWS services—S3, EC2 and IAM. This exposes a tremendous security blind spot when you don’t have visibility into all of your cloud services. If a solution isn’t available to monitor a particular service, security teams have no way of knowing if there’s an exploit.

5. Limited visibility across the cloud

The results of the survey clearly demonstrate that companies are investing heavily in security operations; and that security also remains a priority for DevOps personnel who are working to be proactive in their roles. Security analysts want to be empowered to anticipate potential threats or vulnerabilities as well, while DevOps are frustrated by avoidable crises that burn up resources. Utilizing artificial intelligence (AI) would improve visibility across cloud deployments enabling them to see and stop threats, as well as removing blind spots between authorized users and that of a bad actor.

As more organizations continue to adopt cloud, securing it requires a new way of thinking to reduce the risk of services being exploited. There’s a reason Gartner says that through 2025, 99% of all cloud security failures will fall on the customer. For further insight, make sure to download the State of Security Report: PaaS & IaaS—More People, More Access, More at Stake.

And, if you’d like to see and stop threats against your AWS environment, get a free 30-day trial, today!

About the author

Joe Malenfant

Joe Malenfant is the Vice President of Product Marketing at Vectra. Joe and his team are responsible for creating differentiated position for Vectra’s solutions, providing clarity to prospects, customers, and partners. Joe has spent over 10 years driving innovation in cyber security including endpoint detection and response, industrial control systems (ICS), IoT, and network security. He has launched category defining products from pure play SaaS to hardware solutions for IT, IoT, and ICS environments. He regularly presents at industry conference including RSA, Cisco Live, and IIoT World.

Prior to Vectra, he led marketing for Cisco’s Internet of Things business, a $1B portfolio spanning over 5 product segments including cloud, networking, and security. Prior to joining Cisco in 2014 he led product and solutions marketing Lockheed Martin Commercial cyber security solutions through the acquisition of ICS security company, Industrial Defender. Joe holds an MBA from Johnson & Wales in Providence, RI and an undergraduate degree from Concordia University in Montreal, Canada.

Author profile and blog posts

Most recent blog posts from the same author

Security operations

5 Biggest AWS Cloud Security Threats to Your Organization

August 18, 2021
Read blog post

Hacker Claims to Have Breached T-Mobile

August 16, 2021
Read blog post

Securing AWS Cloud: How the Pros Are Doing It

August 4, 2021
Read blog post