Home A beginners guide to cloud security management
 

Keywords :   


A beginners guide to cloud security management

2021-03-30 19:34:31| The Webmail Blog

A beginners guide to cloud security management nellmarie.colman Tue, 03/30/2021 - 12:34   Cyber criminals are on the never-ending hunt for data anything they can steal and sell, exploit or hold for ransom. From small businesses to the largest enterprises, everyones data is a target. So its important for you to protect your data, with a layered, defense-in-depth approach. You might already be familiar with how to protect your data in a traditional, on-premises environment such as by restricting admin and user access, using properly configured firewalls and running anti-malware software. But how does data security work in a complex cloud environment? In this guide, well answer these questions, look into best practices for cloud security management and discuss how security experts can help along the journey.   What is cloud security? Cloud security has the same goal as traditional on-premises security: keeping your valuable data safe. It involves procedures and technologies designed to protect your cloud environment against both internal and external threats to your most sensitive business-critical infrastructure.   What is different about cloud security? When comparing on-premises security and cloud security, the main differentiator is the nature of the cloud. The cloud isnt in your data center or at your office, where you can control it. Its in an intangible place that you cant necessarily touch or fully control. As a result, you cant apply your traditional, standard infrastructure controls or enterprise tool sets, as you can with on-premises. With on-prem, you plug in a server, hook it up, and it immediately inherits all of the firewalls, IPs and rule sets you already have running in your environment. In the cloud, you turn a new system on, and it adopts none of those historical protections. This means you must build security at the forefront because once your cloud infrastructure is on, its open to the world. But once youve integrated cloud native tool sets and solutions, you can gain visibility that goes beyond what legacy security provides. Cloud native security solutions enable you to monitor network flow, identify vulnerabilities, integrate threat intelligence and even implement AI learning around your cloud infrastructure and systems.   What is cloud security management? Cloud security management is similar to the model for on-premises security management. It's about understanding what security controls you have in place and how you're securing your environment, systems and data and what you have to do, from a management standpoint, to maintain that visibility. For example, every time you spin up a new instance in the cloud, you need to make sure you push the correct agents and that it has the right policies assigned to it. You need to be sure the controls youve already engineered and architected are in place. Cloud security is quite a bit easier than traditional models, since assuming youre using the cloud correctly you can automate many of the requirements and workflows. For example, in the past, IT may have set up a new server, and perhaps they didnt install any of the agents. You might not notice until sometime later. But in the cloud, you can automate the whole process and specify installations, instead of relying on human workloads or trial-and-error.   How do you manage security in the cloud? To protect your data, you need to take the keys to your data and lock them away such that an adversary would need to break through layer after layer of protection to get to those keys. Cyber criminals look for vulnerable systems and data, so make it difficult for them.   Rule of least privilege The baseline, number-one thing that everyone should do whether youre talking about cloud, on-premises or even a single-instance computer running in your office is implement the rule of least privilege. Basically, if the system doesnt need to do something, dont allow it to. For example, if you have a server thats just processing information in a SQL database, dont install a web browser. That kind of deny-by-default approach alone can remove many common attack vectors. Each time you can eliminate a way for the bad guys to get in or out, youve given a huge boost to your security, with minimal effort and cost.   Zero trust Likewise, if a person within your organization doesnt need access, dont give them access. Take a zero-trust approach inside and outside your organization. Trust no one. For example, say you have a house with a door, and that door has a lock. Your security is the lock on that front door. You give people you trust keys to your front door. You dont trust anyone outside the front door, and you trust everyone inside. Thats how traditional perimeter security works. But lets say youre in the house with those people you trust, but one person goes into your bedroom and is there for 20 minutes. You start wondering, what is that person up to? So you start monitoring their activity and discover theyre stealing your valuables. So, although you need the lock on the front door, you need monitoring, validating and checking within your house as well, preferably focused on areas that are most critical. Thats what zero trust security looks like. You trust nothing and nobody, at any time, and you make it very difficult for someone to do something they shouldnt be doing.   Patching The world is terrible at patching. Most of the major data breaches in the last two decades, not related to zero-day exploits, have been because someone failed to apply a critical patch in a reasonable amount of time. Many recent breaches were caused because patches were ignored for years. Using free, open-source tools online, almost anyone can get into your system and compromise it when it is left without these critical updates.   Bottom line: Staying up to date with your patches is a powerful way to manage risk in the cloud. Cloud native security solutions can help by notifying you of outdated systems and reporting on the specifics, so you can keep them up to date.   Cloud security management with Rackspace Technology When it comes to cloud security management, you dont have to go it alone. Rackspace Technology can partner with you to address every element of your security journey and take the weight off of your in-house team so they can focus on more strategic initiatives. Through our experience across thousands of clients and our extensive partner ecosystem, we can help you define and implement a cloud security strategy designed to keep your business safe. Do you know your current cybersecurity risk score? Take our 15-question self-assessment today. Then take advantage of a professional consultation with one of our cloud experts who will review your results and offer best-practice recommendations on how to address any identified security gaps.   A beginners guide to cloud security managementDiscover the differences between cloud security and traditional on-premises security, as well as best practices for keeping your data safe in the cloud.Discover your cybersecurity risk score./lp/cybersecurity-risk-self-assessmentTake the assessment

Tags: guide management security cloud

Category:Telecommunications

Latest from this category

All news

»
02.11Subtropical Storm Patty Graphics
02.11Tropical Storm Lane Graphics
02.11Tropical Storm Lane Wind Speed Probabilities Number 5
02.11Tropical Storm Lane Forecast Advisory Number 5
02.11Tropical Storm Lane Public Advisory Number 5
02.11Summary for Tropical Storm Lane (EP3/EP132024)
02.11Subtropical Storm Patty Forecast Discussion Number 3
02.11Subtropical Storm Patty Wind Speed Probabilities Number 3
More »