The main public cloud providers have demonstrated success at keeping their services resilient and available, showing no signs of buckling under attack. Nonetheless, the risk of attacks and downtime is always present, and both are costly.
Moreover, the cloud reduces the scope of required traditional security work, but doesn’t eliminate it. Moving workloads to the cloud doesn’t automatically make them “more secure.” Any breach can take down a system, causing lost productivity and revenues. Even with identity access management (IAM) and data security, technology professionals must remain vigilant.
We work with numerous organizations on their cloud security, in addition to implementing cloud. With security being top of mind for many leaders, we offer the following tips:
- Establish a Security Control Plane: Visibility is one of the most important pieces of IT security. Use third-party tools to establish a security control plane to achieve better visibility, data security, threat protection and compliance, as well as to automate security configurations.
- Solidify Identity Access Management: Every individual within the organization should know and understand their role. Incorporate appropriate IAM from the outset, ideally based on roles, especially for administration duties. Customers, not the provider, are responsible for defining who can do what within their subscription.
- Back Up All Your Data: To spread risk most effectively, back up all data in a fault domain distinct from where it resides in production. Some cloud providers offer backup capabilities as an extra-cost option, but these aren’t a substitute for proper backups. Data backup is up to you!
- Be Accountable For Your Applications: You are responsible for the code and technology you develop. Use static and dynamic testing tools to identify and remove application vulnerabilities. For cloud-based workloads, consider using cloud-based testing tools.
- Stay Compliant: Cloud platforms will indicate their compliance and regularly update this in their collateral. Leverage the benefit of being “compliant by inclusion” by incorporating the provider’s published attestations into your own.