5 Tips for Hardening Multi-Cloud Environments

The goal of harding multi-cloud environments is now more important than ever with the mass shift to remote work and bad actors seeking novel ways to infiltrate public, private and hybrid cloud infrastructures accessed from so many more entry points. Below are five tips to help secure cloud architecture. Read More

  1. Gain visibility and define workloads
    Weā€™ve all heard it before, but itā€™s worth repeating: If you donā€™t know an asset exists, you canā€™t secure it. This is why Snyder ranks gaining visibility as a top priority. ā€œThereā€™s no way that you canā€™t have that visibility, know whether itā€™s in a secure state, whether itā€™s properly configured, properly secured, etc.,ā€ he said. ā€œSo, you really have to have visibility in order to gain security around it.ā€
  2. Focus on password policies, MFA and logs
    Just as with on-premises data centers, all cloud environments demand established and enforced identity and access management systems that incorporate strong passwords, multi-factor authentication and auditable logs. Despite being a best practice, itā€™s one that often gets overlooked.
  3. Clean up attack surfaces
    While he acknowledged that he has sometimes received pushback about how hygiene impacts cloud security, Snyder points out that when larger firms go to the cloud, they sometimes tend to open their clouds more broadly. For example, a website is established to generate leads during a 30- or 60-day marketing campaign. But when the campaign ends, the site is now an ā€œorphan,ā€ a workload no longer serving a useful purpose while spreading an organizationā€™s attack surface.
  4. Pay close attention to perimeter security
    More multi-cloud mistakes come from failing to properly follow the aforementioned recommendations. Once better cyber hygiene is established, along with better visibility and inventory building, itā€™s time to tighten your cloud security perimeter just as you would an on-premises data center. This means closing buckets and locking down ports.
  5. Encrypt where needed
    While the complexity of a cloud environment can make previously mentioned recommendations difficult, one suggestion that is actually easier in the cloud is encryption. All cloud providers now offer multiple encryption options, depending on workloads and the location of key data assets. This harkens back to earlier points about defining workloads and knowing a firmā€™s data assets.

iTM covers all aspects of cybersecurity from Home cyber security managed solutions to automated, manage threat intelligence, forensic investigations, Cloud security best practice and cyber security training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. Contact Us for more information.