for CLOUD CUSTOMERS SECURITY CHECKLIST
@infosectrain SWIPE LEFT
Protection of Data in Transit and Data at Rest
Since data in transit is vulnerable to interception by malicious outsiders, making it a critical security risk, organizations need to encrypt data both at rest in cloud containers, and in transit.
@infosectrain 01
Asset Protection
Security teams should implement security policies across all digital assets and also secure the data held on apps and control access to those apps.
@infosectrain 02
Visibility and Control
Security teams should maintain visibility and control of the cloud assets by monitoring data, usage and user behavior and putting in place systems that alerts the administrator of any unexpected activity.
@infosectrain 03
Trusted Security Marketplace and Partner Network
Can you trust your cloud provider? If not, find another one. Choose a CSP that implements security best practices, meets CSA or ISO standards and harmonizes their services with your company’s compliance standards.
@infosectrain 04
Secure User Management
User access management tools or Identity and Access Management Systems (IAM) must be applied wherever users can access cloud assets to ensure total visibility and security.
@infosectrain 05
Compliance and Security Integration
All cloud deployments must comply with relevant data security regulations. This applies to all companies dealing with client data, including personally identifiable information (PII).
@infosectrain 06
Identity and Authentication
Protect cloud infrastructure with 2-factor authentication (2FA) tools that demand more than just password credentials. This limits the ability of attackers to breach cloud perimeters.
@infosectrain 07
Operational Security
Operational security controls must be used to neutralize common cloud threats by managing vulnerabilities, tracking activity and monitoring threats, and responding to attacks to limit the damage.
@infosectrain 08
