Blogginlägg - 6 Maj 2019 16:19

Top 5 tips: How to secure your Cloud environment?

According to the RightScale State of the Cloud Report, 96% of organizations already opted for the Cloud. Their main drivers for considering cloud-based solutions are:

Faster time to deployment
Cost savings
Scalability
Flexibility
Agility

77% of those cloud users still worry about its security. It is essential to keep in mind that the Cloud provider is only responsible for the security of the underlying platform. Your organization needs to take care of the data, and the identities that have access to your SaaS applications. Here are some tips:

Identity is the new perimeter

The clear majority of cloud breaches (81%) involves weak or stolen passwords or the misuse of credentials. It is therefore crucial to have a proper Identity and Access Strategy that relies on multifactor authentication. The user experience is important too. Single-sign-on is an easy tool that will enhance your sign-in process. A proper security awareness training of your employees is necessary too. End Users can be the weakest link.

Discover our security awareness training.

Know and classify your data

What types of data do you have? Where does it reside and how sensitive is your data? You need to know which data and which applications are in use. There might be more going on than you think. Shadow IT is a widespread problem in companies. Risky and unwanted applications should be identified by means of a proxy or next-generation firewall filtering.

Establish a control plane

Cloud Access Security Brokers (CASB) can help you enforce coherent security policies. You must impose control on cloud-level, at the gateway, and on endpoint level. These policy-based controls are essential to prevent data leakage.

Furthermore, central administration for provisioning and decommissioning of users is very advantageous. When an employee leaves the company for example, you can easily decommission all his/her user accounts.

Monitor your cloud for anomalies

Knowing who is accessing which applications is important. But it is equally important to understand what the users are doing with that data. We strongly recommend creating visibility into who is accessing which applications and to keep an overview of which data is sent to the applications or downloaded.

You can monitor your cloud for anomalies through SIEM technology, cloud threat detection platforms and behavioral analytics. Another option is ‘Managed Services’.

SecureLink can be your trusted advisor in the Cloud Security challenge!

Ämnen

Kategorier

The CISO Files

Regioner

Kontakter

Marie Waller

Presskontakt Head of Marketing and Vendor Relations marie.waller@orangecyberdefense.com

Maria Lundmark

Presskontakt Digital Marketing Manager Orange Cyberdefense Sweden maria.lundmark@orangecyberdefense.com

Camilla Gyllenberg

Presskontakt Content and Market Analyst Manager camilla.gyllenberg@orangecyberdefense.com

Relaterat innehåll

6 Maj 2019 16:22

The IoT / OT challenge

How to secure your OT/IoT environment? SecureLink CTO Wim De Smet gives some clear tips.

21 Maj 2019 09:17

When the attack has taken place, it is too late to talk to your board

In order to get the buy-in from your board of directors, they must understand the importance of cybersecurity, from the design phase up to the response phase. Only then will they include it in their overall strategy. But, how to get them involved?

21 Maj 2019 09:34

Innovation or proven-value? What to choose?

Hackers are continually finding new technologies for sophisticated attacks. Companies need to make sure they catch up and are able to prevent, detect and respond. It is often difficult to decide whether to opt for innovation or not. But, every environment is different, so each company should test whether the new technology fits their business-purpose.

29 Maj 2019 10:37

How to secure the growing number of mobile devices?

It is essential to classify your data. You need to know which data you have, where it resides and how it is processed and by whom. Users play a significant role as they are the ones that use your applications and data in their workspace. The new generation of employees wants to work anytime, anywhere and on any device. However, this mobility requires additional security.