In regards to Securing a cloud service, whether it's an IaaS, PaaS, and SaaS, continuous monitoring of configuration is even more important in a cloud environment than it is in an on-premise environment. For example, if a database is not configured securely in an on-premise environment, then you still have security at the network layer that might protect you from malicious activities. However, if a databases PaaS (e.g. Amazon RDS) is not configured securely, then there may be no additional layer securing that service from malicious actors. It might even be possible that the database service is configured to allow connections from anyone. Because of the increased risk profile of cloud services, continuous secure configuration monitoring should be a required activity for agencies using cloud services.
In regards to Securing a cloud service, whether it's an IaaS, PaaS, and SaaS, continuous monitoring of configuration is even more important in a cloud environment than it is in an on-premise environment. For example, if a database is not configured securely in an on-premise environment, then you still have security at the network layer that might protect you from malicious activities. However, if a databases PaaS (e.g. Amazon RDS) is not configured securely, then there may be no additional layer securing that service from malicious actors. It might even be possible that the database service is configured to allow connections from anyone. Because of the increased risk profile of cloud services, continuous secure configuration monitoring should be a required activity for agencies using cloud services.