The rise of cloud providers has changed the way we develop new applications: in most cases these applications will be distributed in nature, often across different cloud vendors and on-premises. This new reality poses a challenge, not just to developers, but equally to us cybersecurity professionals.
Why might a new application need to be designed as a distributed system? Well, a customer might have their ERP systems running with Oracle Cloud Infrastructure, have some Infrastructure as a Service running in Microsoft Azure, customer data might be with Salesforce, and some data that is kept on-premises is needed as well. That is 4 different locations for data, each with different access requirements. These kinds of situations require a distributed application system, with all the challenges that entails.
Some of the challenges are:
Network Security: Since distributed applications rely heavily on network communication, they are susceptible to various network-based attacks like eavesdropping, man-in-the-middle attacks, and denial-of-service (DoS) attacks.
Data Security and Privacy: Ensuring the confidentiality and integrity of data as it moves across different nodes in a distributed system is crucial. There’s a higher risk of data breaches and leaks due to the multiple points of access.
Authentication and Authorization: Distributed applications often require robust mechanisms for authenticating and authorizing users and services. This becomes complex as the number of users and services increases, especially when they span different security domains.
Distributed Denial of Service (DDoS) Attacks: These are more potent against distributed systems as they can target multiple components simultaneously, overwhelming the system more effectively than a single-target attack.
Software Security: The complexity of distributed applications can lead to increased vulnerabilities in software, as ensuring consistent security practices across all components is challenging.
Configuration and Management Security: Misconfigurations in a distributed setup can lead to significant security loopholes. Maintaining a secure configuration across a distributed architecture is complex and error-prone.
Compliance and Legal Challenges: Complying with various data protection and privacy laws becomes more challenging in distributed systems, especially when they span multiple jurisdictions.
Update and Patch Management: Ensuring that all components of a distributed system are regularly updated and patched against known vulnerabilities can be difficult, given the heterogeneous and geographically dispersed nature of these systems.
Interoperability and Standardization Issues: Different components in a distributed system might use different security protocols and standards, leading to potential weaknesses and compatibility issues.
Each of the above issues deserves an entire book on its implications for distributed systems, but in this article I would like to focus on software security and interoperability between cloud vendors.
Developing software that runs across different cloud vendors, each running different databases, operating systems, and security systems and each managing its cloud platform differently, is a major headache for the security of a distributed application.
Rarely do I see a single cloud vendor strategy for a company or organization in Denmark. Multi-cloud seems to be the choice across Europe as well, and I expect the same to be the case in other regions of the world. Some of the major challenges with having an application run across different clouds are:
Inconsistent Security Policies and Standards: Each cloud provider might have its own set of security policies and controls. Ensuring consistency across these varying environments is difficult, which can lead to gaps in security coverage.
Increased Attack Surface: Using multiple cloud vendors inherently increases the number of potential points of entry for cyberattacks. Managing security across these diverse environments is complex.
Identity and Access Management (IAM) Complexity: Managing user identities and access controls across multiple platforms is challenging. There’s a higher risk of misconfiguration, which can lead to unauthorized access.
Difficulty in Monitoring and Incident Response: Having data and applications distributed across different cloud environments can make it harder to monitor security threats and respond effectively to incidents.
Integration and Interoperability Challenges: Ensuring secure and seamless integration between services hosted on different clouds is not straightforward. Poorly integrated systems can introduce vulnerabilities.
None of these issues are easily mitigated, but they are important nonetheless. Fortunately, there are signs in the market that the various vendors have recognized this challenge. You can use Azure AD with the Oracle Cloud, and Microsoft and Oracle have begun collaborating on the databases across their clouds. I expect this trend of cross-cloud collaboration to accelerate over the coming years.
Add to that the fact that no company or organization will want to be locked into a single vendor, with the business risks that this implies, like increased costs or vendor strategies that are not conducive to the strategy of the business.
Cloud interoperability issues arise when there are challenges in achieving seamless integration and operation across different cloud platforms. This is not necessarily just about the platforms being different; the devil is in the details. Some of the challenges are:
Incompatible APIs: Different cloud providers often use proprietary APIs. This can create challenges when trying to integrate services or migrate data and applications from one cloud to another, as the APIs may not communicate effectively with each other.
Data Portability Problems: Moving data between different cloud environments can be problematic due to varying data formats, storage architectures, and protocols used by different providers. This can lead to issues in data integrity and consistency.
Divergent Security Models: Each cloud provider may implement different security models and compliance standards. Aligning these to ensure consistent security policies and compliance across cloud platforms can be challenging.
Varied Performance Standards: Different cloud services may offer varying levels of performance, which can impact the overall performance of integrated systems, particularly for applications that require real-time processing and quick data transfer rates.
Complex Network Configurations: Establishing secure and efficient network connectivity between different cloud environments can be complex. It involves dealing with different networking protocols, bandwidth limitations, and latency issues.
Vendor-Specific Features and Extensions: Some cloud providers offer unique features or extensions that are not supported or available in other clouds. This can lead to vendor lock-in and complications when trying to maintain or replicate similar functionalities across different cloud environments.
Complexity in Automation and Orchestration: Automating and orchestrating workflows across multiple cloud platforms can be difficult due to the need for customized scripting and integration work to accommodate the different environments.
These are all issues that can be controlled and mitigated in the application, but they add complexity to the application, and complexity is, in my humble opinion, the enemy of cybersecurity. I am not advocating for a single cloud strategy for new applications, certainly not, but these are new issues that must be considered when a new application is required to run across multiple cloud vendors and might also touch on data that is kept on-premises.
Distributed application systems are fast becoming the norm for many new application development projects. What is a responsible way of designing and developing these?
Use Security-Focused Development Practices: Adopt a secure software development lifecycle (SDLC) that integrates security considerations from the initial stages of development. This includes code reviews, static and dynamic code analysis, and incorporating security in the design phase.
Compliance and Legal Considerations: Ensure the system adheres to relevant industry standards and legal requirements, like GDPR, HIPAA, or PCI-DSS, depending on the nature of the application and the data it handles.
Zero Trust Architecture: Adopt a zero-trust approach, where no user or service is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources in the network.
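The following Python example, added here and not the author's own code, applies the zero-trust rule above to service-to-service calls: each request is judged on a signed token's issuer, signature, expiry, audience and scope, and the caller's network location plays no part. The issuer name, key, service names and scopes are constructed for the illustration, and an HMAC shared key stands in for the asymmetric signatures an identity provider would normally use.

```python
import base64, hashlib, hmac, json, time

# Constructed demo data (all names hypothetical): issuer keys and per-service scopes.
ISSUER_KEYS = {"idp.example": b"demo-key-not-for-production"}
POLICY = {"erp-api": {"orders:read"}, "crm-sync": {"customers:read"}}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def issue_token(issuer, subject, audience, scopes, ttl=300, now=None):
    """Mint a signed token; stands in for the identity provider."""
    now = time.time() if now is None else now
    claims = {"iss": issuer, "sub": subject, "aud": audience,
              "scope": sorted(scopes), "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(ISSUER_KEYS[issuer], body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(sig)

def authorize(token, service, needed_scope, source_ip, now=None):
    """Return (allowed, reason). source_ip is accepted for audit logging by the
    caller but is deliberately never consulted for the decision."""
    now = time.time() if now is None else now
    if not isinstance(token, str) or token.count(".") != 1:
        return False, "missing or malformed token"
    body, sig = token.split(".")
    try:
        claims = json.loads(base64.urlsafe_b64decode(body))
        given = base64.urlsafe_b64decode(sig)
    except ValueError:
        return False, "undecodable token"
    iss = claims.get("iss") if isinstance(claims, dict) else None
    key = ISSUER_KEYS.get(iss) if isinstance(iss, str) else None
    if key is None:
        return False, "unknown issuer"
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):
        return False, "bad signature"
    if claims.get("exp", 0) <= now:          # token lifetime is short by design
        return False, "expired"
    if claims.get("aud") != service:         # token minted for another service
        return False, "wrong audience"
    granted = set(claims.get("scope", [])) & POLICY.get(service, set())
    if needed_scope not in granted:          # least privilege: token AND policy
        return False, "scope not granted"
    return True, "ok"
```

A request arriving from an internal address without a token is refused exactly like one from the internet, while a correctly scoped token is accepted from either side.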
Tom Madsen has been active in the cybersecurity industry for more than 20 years. Tom graduated from the University of Aalborg and covered several technical roles in security during his professional career. He is certified as CISSP, CISA, CISM, CGEIT, CRISK, CCSP, CDSPE and CSSLP, and has published the book "The Art of War for Cybersecurity". He is currently writing a book 'Security Architecture - How & Why'.