How Incorrect Cloud Configurations Put Businesses at Risk
Cloud technologies have become an integral part of modern businesses. However, many organizations rely too heavily on cloud providers’ security measures and overlook the fact that they themselves are responsible for key security aspects. Misconfigurations are among the most common causes of security incidents and provide hackers with an easy way to access sensitive data. The Elastic Global Threat Report 2024 highlights which cloud services are particularly vulnerable—and how companies can improve their cloud security.
Misconfigurations as the biggest cloud risk
Security in cloud environments depends heavily on configuration settings. Companies that overlook critical security measures expose themselves to significant risks. The most common issues include inadequate encryption, misconfigured access controls, and a lack of multi-factor authentication.
According to the latest report, these vulnerabilities are among the biggest security risks for cloud providers Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure.
Google Cloud Platform: Insecure Encryption in BigQuery
Nearly 44 percent of all security issues in GCP are attributable to faulty encryption in BigQuery. This cloud analytics tool is frequently used to process large datasets and often contains highly sensitive information.
96 percent of security vulnerabilities in BigQuery arise because companies do not use Customer Managed Encryption Keys (CMEK). Without this additional layer of encryption, there is a lack of critical control over stored data. Another issue is that 51 percent of insecure GCP instances do not use Customer Supplied Encryption Keys (CSEK), causing companies to lose control over their data.
Recommended action: Organizations should ensure that they enable CMEK and CSEK to better protect access to their cloud data.
Amazon Web Services: Lack of Multi-Factor Authentication
Amazon S3, AWS’s object storage service, is a particularly popular target for attackers. About 30 percent of detected security issues affect this service. The most common flaw: 53 percent of S3 buckets do not use multi-factor authentication (MFA) for delete permissions. Without MFA, hackers can use compromised credentials to access stored data and manipulate or delete it.
Network errors also pose a significant risk in AWS environments. Thirty-three percent of critical security vulnerabilities result from misconfigured access rules that allow attackers to connect to networks using any IP address or port.
Recommended action: Enable MFA for S3 and configure network access to be restrictive to prevent unauthorized access.
Microsoft Azure: Insecure storage accounts
Nearly 50 percent of critical security vulnerabilities in Microsoft Azure affect storage accounts. Companies often fail to enable an additional layer of encryption or to sufficiently restrict access controls.
In particular, a second layer of encryption—which can serve as a last line of defense against attackers in the event of a breach—is often missing. In addition, many Azure configurations allow access to storage accounts from external networks, which poses a significant risk.
Recommended action: Organizations should secure their Azure storage accounts with additional encryption and allow access only through private endpoints.
Conclusion: Cloud security requires clear responsibilities
Responsibility for cloud security does not rest solely with the cloud provider—companies must take proactive steps to protect their data. Misconfigurations are a preventable risk that can be minimized through simple measures.
Recommended safety measures:
- Check access rights regularly and grant them sparingly
- Enable multi-factor authentication for all critical cloud services
- Implementing data encryption with custom keys (CMEK/CSEK)
- Conduct regular security audits to identify vulnerabilities
- Use private endpoints for cloud storage
A secure cloud environment starts with clear responsibilities and consistent security policies. Companies that take their cloud security seriously significantly reduce the risk of data breaches and cyberattacks.