Cyber-forward Cloud Strategy for Secure Cloud Deployment and Migration

Cyber Forward Cloud Strategy

Cyber-forward Cloud Strategy for Secure Cloud Deployment and Migration

  • Identity and access management
  • Threat detection
  • Infrastructure protection
  • Data protection and
  • Incident response

  • When you are planning for cloud migration, map all processes that will migrate to the cloud.
  • With this mapping, know exactly how and where your information will be stored.
  • Review all security policies.
  • Re-evaluate and set up a cadence to regularly review users and permissions.
  • Protect Root Accounts.
  • Ensure that Multi-Factor authorization is enabled for the root account to provide two-factor authentication.
  • Create Administration rules with minimum privileges by using IAM policies to limit the access to services needed.
  • Rotate¬†IAM¬†Access Keys at periodic intervals.
  • Ensure and enforce a strong password policy for users.
  • Allow hardened and patching images for deployment and restrict access to images.
  • Deploy strong encryption on EBS and object storage volumes.
  • Activate flow logs to collect IP traffic from and to the network in your virtual private network for further analysis.
  • Control inbound and outbound traffic to virtual instances with clearly structured security groups.
  • Ensure restricted inbound access to SSH, FTP, SMTP, MySQL, PostgreSQL, MongoDB, MSSQL, CIFS to required entities only.
  • Follow the best practices to manage the access keys
  • Do not allow public access to Object storage volumes
  • Ensure no ACLs allow unrestricted inbound or outbound access
  • Encrypt Inbound and outbound data traffic to Storage volumes
  • Make sure both CloudTrail itself and CloudTrail logging are enabled for all regions
  • Familiarize with detailed billing and monitor monthly usage

Related Topics:

Secure Access Service Edge (SASE) – All you need to know!

Cloud Native and App Modernization Security concerns – Exploring Container Security

Application Security in a Cloud First World

Share this post