5 Key Areas of Cloud Security
by Sarah Harvey / April 13th, 2020
Data breaches are on the rise worldwide and across cloud platforms – which is why we talk about cloud security within AWS, Azure, and Google Cloud so often. As more and more organizations migrate sensitive information and services to cloud environments, it should drive customers to consider how the cloud will impact their privacy, security, and compliance efforts.
In cloud security audits at KirkpatrickPrice, controls will be tested against our framework that are based on the CIS Benchmarks for AWS, Azure, and Google Cloud. These audits utilize our audit delivery tool, the Online Audit Manager, and the framework assesses five key areas of cloud security:
- Identity and Access Management
- Securing Data in the Cloud
- Securing the Operating System
- Protecting the Network Layer
- Managing Security Monitoring, Alerting, Audit Trail, and Incident Response
As you work to make your cloud infrastructure as secure as it can be, we encourage you to spend extra time in these five areas so that you can strengthen your overall security posture.
Identity and Access Management
IAM is central to a secure environment. Role-based access control and the principle of least privilege have been perennial tenants of access control implementation, and with the rise of cloud infrastructure deployments this is even more true. In fact, Azure says that cloud customers should treat identity as the primary security perimeter because it manages who has what access to which resource. IAM security measures include MFA implementation, password management, creating and disabling credentials, role-based access controls, segregation of environments, and privileged account activity. For industry resources about IAM in the cloud, learn more here:
Securing Data in the Cloud
To secure the data in your cloud, you must consider the security of data in all states – at rest, in transit, and in storage – and who is responsible. The shared responsibility model has become a paradigm that defines interactions with cloud resources and who is responsible for data security. The use of proper encryption and key management solutions within AWS, Azure, and Google Cloud are the two critical areas of data security in the cloud. For industry resources about data security in the cloud, learn more here:
Securing the Operating System
No matter the operating system that your cloud provider supports, maintenance, proper configurations, and patching methods can strengthen the security of that operating system. Scheduling maintenance windows, staying current with system configuration requirements, and establishing a patch baseline are integral components to cloud security and something your organization must be vigilant in implementing, especially given the current cyber climate where malicious individuals and organizations are quick to exploit vulnerabilities. For more industry resources about security operating systems, learn more here:
Protecting the Network Layer
Network security is how you protect resources from unauthorized access. Network security can be a challenging task because it requires an understanding of connectivity between resources. Having a plan of action that identifies where segmentation is required, how connectivity will be implemented, and ongoing hygiene of the network is critical for securing your organizations environments. For industry resources about network security in the cloud, learn more here:
Managing Security Monitoring, Alerting, Audit Trail, and Incident Response
Without a proper monitoring program, you won’t have the insight to recognize security incidents or anything going wrong within your cloud infrastructure. The implementation of monitoring is critical for operational oversight. Ensuring that appropriate data points are being analyzed for security information, event management, and proper correlation algorithms is important for operations in the cloud. No matter the cloud provider you choose, you should utilize the monitoring and logging features, plus enable notifications for things like unexpected configuration changes and authentication failures. For industry resources about monitoring and incident response, learn more here:
