Five Best Practices for Cloud Security
Cloud Security is a fundamentally new landscape for many companies. While many of the security principles remain the same as on-premises, the implementation is often different. This overview provides a snapshot of five best practices for the cloud security: identity and access control, security posture management, apps and data security, threat protection, and network security.
Strengthen access control
Traditional security practices are not enough to defend against modern security attacks. Therefor the modern security practice is to “assume breach”; protect as though the attacker has breached the network perimeter. Today, users work from many locations with multiple devices and apps. The only constant is user identity, which is why it is the new security control plane.
Improve Security Posture
With more and more recommendations and security vulnerabilities identified, it is harder to triage and prioritize response. make sure you have the tools you need to access your current environments and assets and identify potential security issues.
Secure Apps and Data
Protect data, apps, and infrastructure through a layered, defense-in-depth strategy across identity, data, hosts, and networks.
IaaS: for applications running in virtual machines, more of the burden is on the customer to ensure that both the application and OS are secure.
PaaS: as you move to cloud-native PaaS, cloud providers like Microsoft will take more of the security responsibility at the OS level itself.
SaaS: at the SaaS level, more responsibility shifts away from the customer.
Operational security posture — Protect, Detect and Respond — should be informed by unparalleled security intelligence to identify rapidly evolving threats early so you can respond quickly.
Protect the network
We’re in a time of transformation for network security. As the landscape changes, your security solutions must meet the challenges of the evolving threat landscape and make it more difficult for attackers to exploit networks.