Top Risks with Ephemeral Data Stores and 5 Preventative Steps You Can Take

Shahar Avraham, Product Management at Eureka Security
Shahar Avraham, Product Management at Eureka Security

An ephemeral cloud environment is best described as one meant to last for a limited amount of time as a specific need arises and then destroyed when that need is met. That amount of time can vary from as short as a few hours (i.e. the time it takes to run CI/CD pipeline) or as long as a few weeks (i.e. a customer issue is being reproduced). These environments typically include compute resources as well as data stores, which hold all sorts of data (including sensitive) inside of them. 

No matter the use case, a data store is created, used for a short time, and then discarded. For this blog, we will focus on these. 

The advantages of using ephemeral data stores are numerous: 

  • They usually cost less since they don’t remain active when no longer needed
  • They accelerate the software development lifecycle as developers can easily share and preview changes they’ve made before they are generally available to other stakeholders such as QA, PMs, designers, and even customers.

From a security lens, more often than not, ephemeral data stores are often mistakenly treated as temporary, which means they don’t have the full blown security policies and tools as would be commonplace in “permanent” environments. These can be broken down into 3 main points: 

  • They usually don’t have all the security guardrails in place
  • They usually lack a distinct owner
  • Their usage and activity usually isn’t monitored as thoroughly

This scenario significantly increases the risk of a data breach but also makes it increasingly difficult to investigate an issue. Basically, the time it takes to discover and investigate the problem ends up being longer than the lifetime of the data store itself.

So, what can you do to prevent this?

Define the security processes and procedures with regards to ephemeral environments and data stores inside them, establish ownership, limit and control access, and monitor the usage and security compliance. This should happen from the moment the data store is spun up until after it’s been destroyed. 

Here are 5 steps you should take:

  1. Identify new data stores as soon as they are created 
  2. Configure and use monitoring of maintenance operations, such as clone or backup (and define a data retention period for them once the data store is discarded)
  3. Make sure security measures are implemented in any and all environments. Different policies may apply to different environments depending on their purpose, location, content, or user access. But make sure there is a policy in place for every use-case
  4. Educate your team on using ephemeral data stores wisely and planning ahead 
  5. Make sure the data store is secure and compliant when it comes to data handling (i.e. GDPR requirements for short-lived data stores)

Yes we can help you

Eureka’s unique cloud data security solution provides a seamless process to automatically implement and monitor all the steps above. We can help you identify new data stores in your environment within minutes, classify and understand what data resides within them, keep tabs on access permissions and usage, and finally alert you if there are any misconfigurations, security risks, or violations of your company’s security policy. These insights are also accessible to you even after the data store has been deleted, making it easier to review and investigate issues.

Eureka Security- Cloud data security- Crown logo

Subscribe for updates

For our latest feature releases and updates
Thank you for signing up!
Oops! Something went wrong while submitting the form.
Eureka security Solution brief

Download Eureka solution brief

Learn more about how Eureka can help you
Get it now

Drive secure & compliant data growth

Get a Free Risk Assesment