Companies with widespread shadow IT often use multiple clouds, often interconnected. Cloud environments are easy to set up, but when multiple clouds are deployed—including automatically based on scripts—IT and security teams must race to keep up with the growing attack surface.
DevOps often unwittingly creates the security risks associated with shadow IT. Take, for example, a developer who creates his own service by deploying cloud infrastructure. This may be done through a master account from the company's cloud provider or a variety of other methods that make life easier for developers but difficult for IT to monitor.
These services may be decommissioned after a period algeria mobile database time, but they remain in the company's cloud environment. The attacker then finds the service and checks to see if the underlying asset is protected. Attackers often look for weaknesses in company assets that should have been decommissioned or are not known and managed by the IT department. Multiply this by the number of developers in the organization, and then by the number of cloud applications, and the problem is magnified. The problem is that the IT department may simply not be aware of the cloud resources being used.
As we now understand, it has become easier than ever for organizations to scale and accelerate IT operations by leveraging public cloud platforms. However, as an organization’s cloud attack surface becomes more complex and difficult to control, it is becoming easier for attackers to exploit cloud misconfigurations and vulnerabilities.
The attacker's point of view
In a multi-cloud environment where servers and services are constantly changing, security controls often fail to do their job. This leads to blind spots, unidentified and unverified devices and data.