for CLOUD CUSTOMERS SECURITY CHECKLIST

Protection of Data in Transit and Data at Rest
Since data in transit is vulnerable to interception by malicious outsiders, making it a critical security risk, organizations need to encrypt data both at rest in cloud containers, and in transit.

Asset Protection
Security teams should implement security policies across all digital assets and also secure the data held on apps and control access to those apps.

Visibility and Control
Security teams should maintain visibility and control of the cloud assets by monitoring data, usage and user behavior and putting in place systems that alerts the administrator of any unexpected activity.

Trusted Security Marketplace and Partner Network
Can you trust your cloud provider? If not, find another one. Choose a CSP that implements security best practices, meets CSA or ISO standards and harmonizes their services with your company’s compliance standards.

Secure User Management
User access management tools or Identity and Access Management Systems (IAM) must be applied wherever users can access cloud assets to ensure total visibility and security.

Compliance and Security Integration
All cloud deployments must comply with relevant data security regulations. This applies to all companies dealing with client data, including personally identifiable information (PII).

Identity and Authentication
Protect cloud infrastructure with 2-factor authentication (2FA) tools that demand more than just password credentials. This limits the ability of attackers to breach cloud perimeters.

Operational Security
Operational security controls must be used to neutralize common cloud threats by managing vulnerabilities, tracking activity and monitoring threats, and responding to attacks to limit the damage.
