Cloud Security Metrics

SMBIT
I am working on a CASB solution and would like to know what cloud security metrics are usually important to management.  The plan is to build a dashboard to include these metrics.
Exec Consultant
Distinguished Expert 2018
Commented:
For example,

1- High-Risk Cloud Apps Discovered with parameters for apps (e.g.: Apps without a well-defined privacy policy, hosting data outside EU etc.)

2- Cloud Apps Unauthorized / Authorized e.g. Cloud Services on their own without informing IT, which results in Shadow IT.

3- Sensitive Data Exposures Detected e.g. Files accessible by unauthorized users either via the internet or intranet

4- Number of External Collaborators on files containing sensitive data, hosted within or outside your domain

5- Number of Cloud Services Having Access to Sensitive Data e.g. services which store or process any data which is classified as sensitive by the organization.

6- Number of Cloud Services by Category used by the organization in various categories (e.g.: Social Media, File Sharing, Screen Sharing etc.)

7- Number of Cloud Policy Violations

- Unmanaged Devices having Access to Sensitive Data on Cloud

- Instances of Sensitive Data on Cloud without Organization Managed Encryption Keys

- Unmanaged cloud applications (e.g. which Logs are not there for tracking user activities/logins)

8-  # Administrative or Privileged logins / Cloud Service e.g. Average number of users having admin privileges for authorized cloud applications being
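
An added example, not part of the answer above or of any CASB product: one way to compute several of the listed metrics for a dashboard from discovery data. The record fields, app names and sample rows are constructed assumptions, and the high-risk rule uses only the two parameters the answer mentions (no privacy policy, data hosted outside the EU).

```python
from collections import Counter

# Constructed sample inventory (not real data); field names are assumptions.
APPS = [
    {"name": "filedrop", "category": "File Sharing", "sanctioned": True,
     "privacy_policy": True, "region": "EU", "sensitive": True, "admins": 4},
    {"name": "chatly", "category": "Social Media", "sanctioned": False,
     "privacy_policy": False, "region": "US", "sensitive": False, "admins": 0},
    {"name": "screenit", "category": "Screen Sharing", "sanctioned": False,
     "privacy_policy": True, "region": "US", "sensitive": True, "admins": 0},
    {"name": "docvault", "category": "File Sharing", "sanctioned": True,
     "privacy_policy": True, "region": "EU", "sensitive": True, "admins": 2},
]
FILES = [
    {"path": "hr/payroll.xlsx", "sensitive": True, "public_link": True,
     "external": ["a@partner.example"], "org_keys": False},
    {"path": "eng/roadmap.docx", "sensitive": True, "public_link": False,
     "external": ["a@partner.example", "b@vendor.example"], "org_keys": True},
    {"path": "misc/menu.pdf", "sensitive": False, "public_link": True,
     "external": ["c@other.example"], "org_keys": False},
]

def is_high_risk(app, allowed_regions=("EU",)):
    """Metric 1 parameters from the answer: no privacy policy, data outside EU."""
    return not app["privacy_policy"] or app["region"] not in allowed_regions

def dashboard_metrics(apps, files):
    sensitive_files = [f for f in files if f["sensitive"]]
    sanctioned = [a for a in apps if a["sanctioned"]]
    # Count each external collaborator once, and only on sensitive files.
    external = {e for f in sensitive_files for e in f["external"]}
    return {
        "high_risk_apps": sorted(a["name"] for a in apps if is_high_risk(a)),
        "unauthorized_apps": sum(not a["sanctioned"] for a in apps),
        "authorized_apps": len(sanctioned),
        "sensitive_exposures": sum(f["public_link"] for f in sensitive_files),
        "external_collaborators": len(external),
        "services_with_sensitive_data": sum(a["sensitive"] for a in apps),
        "services_by_category": dict(Counter(a["category"] for a in apps)),
        "sensitive_without_org_keys": sum(not f["org_keys"] for f in sensitive_files),
        "avg_admins_per_authorized_service":
            sum(a["admins"] for a in sanctioned) / len(sanctioned) if sanctioned else 0.0,
    }

if __name__ == "__main__":
    for name, value in dashboard_metrics(APPS, FILES).items():
        print(f"{name}: {value}")
```
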

David Favor
Fractional CTO
Distinguished Expert 2018

Commented:
A very broad question.

Likely best to survey your actual potential users.

Tip: In 2017 I did a 90 day analysis of all the hacked sites I'd cleansed. Here's what I found.

1) All sites were WordPress sites.

2) <10% sites were hacked vectored through WordPress. Hack points were premium/paid themes + plugins. I found no hacks because of outdated WordPress core files, even though some of these sites were running outdated WordPress core versions.

3) 90% sites were hacked because of the following foolishness.

a) LAMP Stacks were running outdated PHP.

b) People were running HTTP WordPress sites rather than HTTPS, using common user/pass combinations which were scraped off the wire.

c) People were running FTP rather than SFTP, using common user/pass combinations which were scraped off the wire.

Summary: Security primarily relates to...

1) Running 100% encrypted protocols, so no clear text user/pass credentials ever cross the wire.

2) Vet all premium/paid software, as much of this software has backdoors built into it.

3) Keep your entire LAMP Stack (Linux/Apache/MariaDB/PHP/OpenSSL) at latest stable versions at all times.

So in your dashboard... Be sure to find ways to track this sort of data + report this data in a way that's actionable.
