Increasingly, Google Cloud Platform users are recognizing the business benefits of multi-cloud. That’s not surprising since a multi-cloud approach allows organizations to enjoy each platform’s benefits, avoid vendor lock-in, and accelerate cloud-native development practices. But this approach also comes with significant risks, especially for organizations that rely solely on native security controls. This article explores the results of Britive’s original research into the current state of modern cloud security operations for GCP users. We’ll spotlight three of the most significant security challenges and share proven strategies for broadening your security stance while minimizing your attack surface.
The Current State of GCP Cloud Security Operations
During the summer of 2022, Britive surveyed over 260 IT professionals working at the intersection of cloud, security, and DevOps. The goal was to gain a deeper understanding of how cloud security operations were evolving and the challenges facing GCP users who operate in multiple cloud environments. This survey was combined with more than 50 analyses of anonymized and aggregated cloud IaaS environments across Britive customers. Here’s what was found.
The use of multi-cloud environments is widespread
According to the research, 68% of GCP users are using at least one other cloud environment, with 18% using at least three cloud providers. Due to substantial performance and cost benefits, we predict that the number of companies engaging multiple cloud providers will continue to increase.
GCP users are falling behind in adopting zero-standing privileges
GCP users have implemented a zero-standing privileges posture at rates far lower than other companies using clouds. Overall, 20.4% of companies using clouds have a zero-standing privileges approach. That number drops to just 6.8% for GCP users. Compared with AWS and Azure customers, GCP users are three times less likely to have a zero-standing privileges posture.
Multi-cloud environments make privileged entitlements challenging to track
As multi-cloud strategies become more prevalent, maintaining visibility into privileged entitlements has become increasingly difficult. According to the research, only 47% of organizations have adequate visibility into which users have privileged access in the multi-cloud. For GCP users, that number drops to 41%.
Imposing privileged access controls on entitlements across the multi-cloud remains a challenge
Placing time-limited access controls on privileged access entitlements shrinks an organization’s potential attack surface. While 82% of organizations apply some form of time-limited controls on users, only 28% are able to extend those restrictions across multiple clouds. This discrepancy illustrates that, for many businesses, the rate at which multi-cloud platforms are being adopted has outpaced the ability of IT security professionals to secure them adequately.
Security Challenges in GCP and Multi-Cloud Environments
Operating across multiple clouds creates opportunities that are difficult to achieve with a single platform. But GCP users who choose a multi-cloud environment must navigate the security risks that come with this distributed framework.
Excessive standing privileges create unnecessary risks
Standing privileges are a serious threat to cloud security. When access isn’t time-limited, those privileges remain in place, even when users aren’t actively working. This leaves the digital door unlocked, open for hackers to exploit. This risk also extends to employees who have left the organization but still retain some or all of their privileged access to cloud-based tools and resources.
Gaining a consolidated, cross-cloud view of privileged entitlements
When business operations are spread across multiple cloud environments and applications, gaining a complete view of privileged entitlements is exceptionally challenging. Without a unified picture of the human and synthetic identities operating in the multi-cloud, IT security specialists lack a clear understanding of where they exist and how they’re being used. This lack of control and oversight of users and their behavior creates dangerous blind spots.
Legacy access tools aren’t designed for deployment in the cloud
Traditional access management tools are ill-equipped to secure dynamic, multi-cloud environments. Designed for on-premises systems or single-cloud platforms, these older tools struggle to adapt to the unique security challenges presented by modern, cross-cloud use cases.
Three Strategies for Improving Multi-Cloud Security
As the use of multi-cloud environments matures, so have the tools for adequately securing them. Here are three powerful ways to ensure your organization’s digital assets remain protected across platforms.
Adopt a Zero Trust model
Zero Trust is a holistic model for securing network, application, and data resources, with a focus on providing an identity-centric policy model for controlling access. Zero Trust eliminates implicit trust from a system’s security architecture. This includes traditional access controls like two-factor authentication as well as dynamic restrictions on who can take what actions and when. One example is the enforcement of least privileged access (LPA). LPA limits access rights for users, accounts, and computing processes to only those resources needed to complete the required tasks. Preventing the over-provisioning of privileges makes compromised accounts much less useful to hackers and minimizes the potential damage from an insider threat.
Implement Just-In-Time (JIT) access
An integral part of Zero Trust, JIT permissions are only granted for the minimum time required to complete the task that requires them. When permissions are granted only on an as-needed basis, human and synthetic users don’t have standing permissions that can be exploited at will. JIT access can be deployed across all cloud platforms via an API that automatically grants and revokes user permissions. This dramatically reduces the size of your organization’s attack surface.
Boost visibility into privileged entitlements
When resources and applications are distributed across multiple clouds, gaining a comprehensive view can challenge even the most seasoned IT security professionals. A modern cloud security solution enhances visibility, making it possible to identify potential vulnerabilities such as elevated permissions, standing permissions, and suspicious user behavior. With this level of insight, security teams are empowered to make strategic decisions about how the organization manages access.
Multi-Cloud GCP Users Must Focus on Security
When cross-cloud security concerns go unaddressed, GCP users remain vulnerable to attacks from hackers and malicious insiders. Risks stem from an over-reliance on GCP’s native security features and the logistical challenges that stem from operating in a multi-cloud environment. By implementing a modern cross-cloud security solution, businesses can properly secure their digital assets while protecting themselves from the damaging effects of a cybersecurity breach.
See the full report with Britive’s research.