Cloud Finops is the discipline of accounting and optimizing cloud computing expenses. It’s a reaction to years of undisciplined cloud spending, or a way to realign the use of cloud resources. All in all, this is a step in the right direction. However, it is rarely discussed as a path to improved security.
Links to cloud security
Effective cloud controls require a strong understanding of cloud usage patterns. What happens during normal operations? By identifying and monitoring cloud usage, Finops teams can detect anomalies. They can also spot most misconfigurations in cloud security and therefore potential security threats.
The best part is that they can do this well before a breach is likely to occur.
Finops tools provide insights into cloud cost management. Unexpected spikes in spending may indicate a data breach, such as CPU saturation due to an ongoing attack.
Finops can also help integrate security policies with financial controls. Teams can ensure that only approved resources and configurations are used. This reduces the risk of misconfiguration that can lead to security vulnerabilities and data breaches. Show me a deployed cloud; I will show you dangerous misconfigurations. Additionally, the more complex things like multi-cloud are, the more likely you are to see these misconfigurations.
Attackers with unauthorized access to cloud accounts can change financial settings and launch unauthorized services without the account owner’s knowledge. Finops tools’ policies can protect against unauthorized provisioning of machine instances and storage. This reduces the risk of identity theft.
Showback and chargeback data can help identify which teams are misconfiguring cloud services. Additionally, budget alerts set to spending thresholds can detect potential misconfigurations in cloud services.
Synchronize Finops and cloud security
The existing relationship between cloud controls and cloud security is often non-existent. In fact, many people view the finops team as annoying people who send emails demanding that cloud instances be shut down or warning that you are about to exceed your budget for cloud database usage. After work, they sit at different cafeteria tables and go to separate bars.
Since each group can benefit the other, how can we get them to work better together? I have a few suggestions.
Established financial affairs and cybersecurity teams should evaluate their working relationships annually as part of a continuous improvement effort. I see significant breaches occurring, but I found that the finops team saw the increase in CPU costs, which could be an indication that an attack has begun. But for some reason, it was well below the radar of cloud security teams.
Broadly speaking, this includes operations, expenses, security, governance, etc. It points to the need for a higher level of observability, including Deploy tools available across public cloud providers rather than focusing on tactical technology silos such as a single cloud provider. even above legacy and traditional on-premises systems. This is the idea behind a supercloud or metacloud, which is still growing as a concept and technology stack.