For many companies, cloud security is a relatively new playing field. Although many security principles are the same as on-premises, their implementation in the cloud differs. The five best practices below cover these general areas of cloud security: access control, security posture management, apps and data security, threat protection, and network security.
1. Strengthening access control
The modern approach to security is to assume breach because traditional security policies are no longer enough against modern, sophisticated cyberattacks. Modern users work from many locations with different devices and apps, so user identity has become the new security control method.
- Launch multi-factor authentication for an additional layer of security by requiring two or more of the following authentication methods:
  - Something you know (a password)
  - Something you have (a trusted device, like a phone) to authenticate sign-on
  - Something you are (biometrics like face ID or fingerprint)
- Utilize conditional access
  - Increase productivity by using an access control decision to establish how a resource is accessed.
  - Implement automated access control based on conditions, such as role, for accessing cloud apps.
- Adopt a zero-trust model
  - Assume breach and verify the identity of every authentication request before granting access.
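
An added example, not from the original page: a minimal access decision that combines the role-based condition and the multi-factor rule above, counting distinct factor categories so that two secrets of the same kind do not pass as MFA. The method names, roles, app names and `SignIn` fields are assumptions made for illustration.

```python
from dataclasses import dataclass

# Factor categories from the list above; the method-to-category map is assumed.
FACTOR_CATEGORY = {
    "password": "know", "pin": "know",
    "phone_app": "have", "hardware_key": "have",
    "fingerprint": "are", "face": "are",
}

# Hypothetical role-based condition: which roles may reach which cloud app.
ROLE_POLICY = {
    "payroll-app": {"finance", "hr-admin"},
    "wiki": {"finance", "hr-admin", "engineer"},
}

@dataclass
class SignIn:  # constructed sign-in context, not a real provider's schema
    user: str
    roles: set
    app: str
    methods: list

def factor_categories(methods):
    """Distinct categories satisfied; unknown methods count for nothing."""
    return {FACTOR_CATEGORY[m] for m in methods if m in FACTOR_CATEGORY}

def decide(req: SignIn) -> str:
    """Evaluate every request from scratch (assume breach), default deny."""
    allowed_roles = ROLE_POLICY.get(req.app)
    if allowed_roles is None or not (req.roles & allowed_roles):
        return "deny: role not permitted for app"
    if len(factor_categories(req.methods)) < 2:
        return "challenge: second factor category required"
    return "allow"

# Constructed sample requests.
SAMPLE = [
    SignIn("ana", {"finance"}, "payroll-app", ["password", "phone_app"]),
    SignIn("bo", {"engineer"}, "payroll-app", ["password", "hardware_key"]),
    SignIn("cy", {"finance"}, "payroll-app", ["password", "pin"]),
    SignIn("di", {"engineer"}, "unlisted-app", ["password", "face"]),
]

if __name__ == "__main__":
    for s in SAMPLE:
        print(f"{s.user:4} {s.app:13} -> {decide(s)}")
```
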
2. Improving security posture
As tools identify more security vulnerabilities and produce more security recommendations, it has become more difficult for organizations to prioritize their response. It is essential to have tools that assess the current security environment and a system that identifies potential security threats and issues.
- Improve current security posture
  - Tools like Secure Score in Azure Security Center help with understanding and improving security posture and implementing best practices.
- Spread awareness amongst stakeholders
  - Keep stakeholders updated and aware of the security challenges and solutions.
  - Share the security progress you have made with stakeholders to show how the security posture of the organization has improved.
- Collaborate with the IT operations team on policies
  - Instead of being stuck in reactive mode and remaining vulnerable to threats, it is better to work with IT teams from the start and apply key security policies to protect data from being lost or stolen.
3. Securing apps and data
Develop a secure infrastructure through a layered strategy spanning identity, data, hosts, and networks to protect data and apps.
- Encryption
  - Data encryption is essential, and having infrastructure that automates the process and allows mobility increases productivity.
- Follow security best practices
  - Ensuring your open source networks do not have vulnerabilities helps keep your data and apps protected.
- Share the responsibility
  - Unlike companies that operate on-premises and are responsible for their own security, in the cloud, responsibilities change depending on how you use the cloud, with some responsibilities taken over by the cloud provider.
4. Mitigating threats
Security intelligence that helps identify quickly evolving threats is essential for early detection and response, and for keeping the operational security posture (protection, detection, and response) informed.
- Ensure detection for every resource
  - Enable threat detection for virtual machines, databases, storage, and IoT. The built-in threat detection within Azure Security Center supports all Azure resource types.
- Make threat intelligence more integrated
  - Using a cloud provider that integrates threat intelligence provides the necessary context, relevance, and prioritization to make faster and more proactive decisions.
- Refresh and update your security information and event management (SIEM)
  - Choose a cloud-native SIEM that serves your security needs, uses AI to reduce noise, and doesn’t require infrastructure.
5. Protecting the network
As the landscape of network security changes, the security solutions must overcome the challenges of evolving threats and make exploiting networks more difficult.
- Maintain strong firewall protection
  - With identity and access management in place, it is better still to set up your firewall as well. Controls need to be in place to protect the perimeter, detect malicious activity, and ensure response. A web application firewall protects web apps from common exploits like cross-site scripting.
- Enable Distributed Denial of Service (DDoS) Protection
  - Keep up availability and performance by protecting web assets and networks from hostile traffic targeting the application and network layers.
- Build a micro-segmented network
  - A flat network allows attackers to move with ease. Using micro-segmentation enables micro perimeters to support zero trust networking.