Real Talk from the Channel: Geno Barletta on the Misconfiguration Crisis
You know what's rare in this industry? Finding a partner who doesn't just sell your product, but actually thinks about the problems it solves. Someone who reads the same security articles you do and immediately connects the dots to real customer pain.
That's exactly what happened last week when Geno Barletta, our lead technical contact at Crayon, sent over his breakdown of a CSO Online article about cloud misconfigurations. I was going to write something about this piece myself, but honestly, Geno nailed it so perfectly that I'm just going to let his work speak for itself.
Why This Matters Right Now
First, some context. The article Geno analyzed tackles a question that keeps me up at night: why can't enterprises get a handle on cloud misconfiguration problems? It's 2025, cloud has been mainstream for years, and yet we're somehow getting worse at securing it.
The statistics are brutal. And Geno, being the thorough professional he is, pulled out the most important insights and packaged them in a way that any IT leader can understand and act on.
Geno's Key Takeaways (In His Own Words)
Here's what Geno highlighted from the research:
The Current State of Affairs:
- Cloud configurations are putting enterprises at serious risk
- There's a fundamental lack of knowledge and missing expertise for securing cloud resources
- According to Qualys' April 2025 report:
  - 28% of organizations had a cloud or SaaS breach in the last year
  - 24% identified misconfigured services as the biggest risk (third place after human error and targeted cyberattacks)
  - When they inspected 44 million virtual machines, they found:
    - AWS: 45% had misconfigured resources
    - GCP: 63% had misconfigured resources
    - Azure: 70% had misconfigured resources
    - 63% of VMs had no encryption on Amazon's Elastic Block Store (EBS) storage
The Root Causes:
- By default, every cloud resource is insecure, and it's the customer's responsibility to secure it (define and manage ongoing)
- Teams are enabling security controls without fully understanding their impact. Cloud is a different beast than on-premise access
- Security for cloud applications is treated as an afterthought, and blind spots and gaps are never addressed, creating real business risks
- Shadow cloud and AI usage is relentless, with users just trying to "do their job" with limited knowledge and resources
  - Especially when "we used XX in my last job, and it was easy," but now it's not sanctioned and not secure
  - This is the biggest source of data exfiltration
- There's no single visibility across multiple estates for control and management, let alone governance
- Bulk changes (mergers, acquisitions, restructures) are where loosened security controls remain ongoing, creating another risk vector
- The biggest mistakes arise from the smallest configuration changes (due to lack of knowledge, skills, impact understanding, and oversight)
What Actually Works:
- Simple things that make a big security impact (benefits) are often not performed:
  - Enforced MFA
  - Encryption (at rest and in transit)
  - Segmentation (cloud and on-premises)
  - Start with least privilege always
  - Zero trust principles
  - Proper access and privilege management
- Adopt zero trust principles always: assume breach, enforce least privilege, and verify explicitly
- Automation is king for machine-speed response
- Configuration baselines: establishment, alignment, monitoring, and remediation
Why This Partnership Works
You see why I'm excited about working with Geno and the Crayon team? They're not just checking boxes on a distribution agreement. They're actually thinking about how to help their MSP partners solve these exact problems for their customers.
When your distributor reads security research and immediately thinks "this is why Senserva matters," you know you've found the right partner.
Let's Talk About It
If you're dealing with these misconfiguration challenges (and let's be honest, who isn't?), we're hosting a webinar where we'll dig deeper into these issues and show how automated configuration baseline management can actually solve them.
Join us for our upcoming webinar with the Crayon team:
Register here
We'll cover:
- Real-world examples of how configuration drift creates vulnerabilities
- Why manual approaches can't keep up with cloud-speed change
- How automation transforms configuration management from a constant firefight into a strategic advantage
- Practical steps you can take immediately to reduce your misconfiguration risk
Thanks to Geno for the excellent summary and for being the kind of partner who actually gets what we're trying to accomplish here. This is what great distribution partnerships look like.
See you at the webinar.
