The goal of harding multi-cloud environments is now more important than ever with the mass shift to remote work and bad actors seeking novel ways to infiltrate public, private and hybrid cloud infrastructures accessed from so many more entry points. Below are five tips to help secure cloud architecture. Read More
- Gain visibility and define workloads
Weāve all heard it before, but itās worth repeating: If you donāt know an asset exists, you canāt secure it. This is why Snyder ranks gaining visibility as a top priority. āThereās no way that you canāt have that visibility, know whether itās in a secure state, whether itās properly configured, properly secured, etc.,ā he said. āSo, you really have to have visibility in order to gain security around it.ā - Focus on password policies, MFA and logs
Just as with on-premises data centers, all cloud environments demand established and enforced identity and access management systems that incorporate strong passwords, multi-factor authentication and auditable logs. Despite being a best practice, itās one that often gets overlooked. - Clean up attack surfaces
While he acknowledged that he has sometimes received pushback about how hygiene impacts cloud security, Snyder points out that when larger firms go to the cloud, they sometimes tend to open their clouds more broadly. For example, a website is established to generate leads during a 30- or 60-day marketing campaign. But when the campaign ends, the site is now an āorphan,ā a workload no longer serving a useful purpose while spreading an organizationās attack surface. - Pay close attention to perimeter security
More multi-cloud mistakes come from failing to properly follow the aforementioned recommendations. Once better cyber hygiene is established, along with better visibility and inventory building, itās time to tighten your cloud security perimeter just as you would an on-premises data center. This means closing buckets and locking down ports. - Encrypt where needed
While the complexity of a cloud environment can make previously mentioned recommendations difficult, one suggestion that is actually easier in the cloud is encryption. All cloud providers now offer multiple encryption options, depending on workloads and the location of key data assets. This harkens back to earlier points about defining workloads and knowing a firmās data assets.
iTM covers all aspects of cybersecurity from Home cyber security managed solutions to automated, manage threat intelligence, forensic investigations, Cloud security best practice and cyber security training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. Contact Us for more information.