11. Lack Of Continuous Scanning
Clients often aren’t aware of new items in their environment since applications are constantly getting spun up and down, and rapid deployment could lead to the rapid introduction of problems, according to Onkar Birk, Alert Logic’s chief product officer.
The ease with which apps can be introduced into an environment has made it difficult for companies to detect and orchestrate security around them, Birk said. Clients often have a multitude of departments spinning up cloud applications, and Birk said it’s difficult for companies to centrally manage that if they aren’t fully aware of what’s going on.
Businesses should make sure they’re continuously scanning to ensure all data is encrypted and that there aren’t any backdoor versions of the server that are accessible, said Rohit Dhamankar, Alert Logic’s vice president of threat intelligence products. Too often, Dhamankar said the encryption algorithms in place are weak, which ends up leaving SSLs, servers and serverless environments vulnerable.
