Page 84 - Cyber Defense eMagazine August 2023
• Define ‘Confidential/Sensitive Data’ as it pertains to your organization: For example, this could be
PII such as SSN, home address, email, etc. Classifying this data will help you identify
what needs to be protected most carefully. Once identified, consider approaches such as
tokenizing, obscuring or de-identifying PII data even to folks within your organization.
• Lock down access to sensitive data: Use identity and access management controls to implement
‘least privilege’ and limit access to sensitive data. Use tools for audit trails to get granular insights
on who in the organization accessed what type of data and use that information to further restrict
access if the controls are over-provisioned.
• Monitor for phishing attacks: Phishing attacks via email are the most common attack mechanisms
for fraud and malware. Ensure you have the necessary protection systems in your email servers
to limit the attack surface. SaaS email systems such as Gmail have advanced protection
mechanisms against phishing built-in.
• Extend zero trust security in your organization: The traditional approach to cybersecurity is based
on the idea of a perimeter. This means that organizations build a perimeter around their networks
and then try to keep unauthorized bad actors out. With the rise of remote work and cloud
computing, it is no longer possible to simply keep everyone out of the network and protection
simply based on a perimeter model is outdated. Zero trust security takes a novel approach to the
“keep the bad actors out” problem. In a layered zero trust model, the concept of perimeter ceases
to exist and no one is trusted implicitly. This means that every access request needs to pass
several levels of checks, such as device identity, user identity etc., before the request can make
its way to the resource that it seeks access to. For example, you could use
Google Cloud’s out-of-the-box BeyondCorp solution that helps enterprises implement zero trust
at scale.
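The audit-trail review described under "Lock down access to sensitive data" can be automated. The sketch below is an added example, not code from the article: it compares granted access with what the audit trail shows was actually used in a review window and flags grants that look over-provisioned. The grant set, log format and principal names are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample: (principal, data_class) grants, as from an IAM export.
GRANTS = {
    ("alice", "pii"), ("alice", "billing"),
    ("bob", "pii"), ("bob", "telemetry"),
    ("carol", "pii"),
}

# Constructed audit-trail lines: ISO timestamp, principal, data class, action.
AUDIT_LOG = """\
2023-07-30T09:12:00 alice billing read
2023-07-28T14:03:00 bob telemetry read
2023-07-29T11:45:00 carol pii read
2023-03-02T08:00:00 bob pii read
2023-07-31T16:20:00 dave pii read
"""

def parse_audit(text):
    """Yield (timestamp, principal, data_class) for each well-formed line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than guessing at fields
        yield datetime.fromisoformat(parts[0]), parts[1], parts[2]

def review_access(grants, audit_text, now, window_days=90):
    """Return (unused_grants, ungranted_accesses) for the review window."""
    cutoff = now - timedelta(days=window_days)
    used, ungranted = set(), set()
    for ts, principal, data_class in parse_audit(audit_text):
        if ts < cutoff:
            continue  # access older than the window does not justify a grant
        key = (principal, data_class)
        (used if key in grants else ungranted).add(key)
    return sorted(grants - used), sorted(ungranted)

if __name__ == "__main__":
    unused, ungranted = review_access(GRANTS, AUDIT_LOG, datetime(2023, 8, 1))
    for principal, data_class in unused:
        print(f"revoke candidate: {principal} -> {data_class}")
    for principal, data_class in ungranted:
        print(f"access without matching grant: {principal} -> {data_class}")
```

Unused grants are candidates for removal, while accesses with no matching grant point to a gap in the IAM export or a control that is being bypassed and should be investigated first.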
After you have done the due diligence of thoroughly analyzing the 4 secure framework
considerations called out above, you can confidently say that you are ready to deploy your workload
in the cloud. Depending on what kind of workload you intend to run in the cloud (such as analytics,
managed Kubernetes, serverless, databases etc.), the next step is to deep-dive into the security features
of the specific cloud native services that you are planning on using for your workload. Specifically, the
three key areas where you want to focus next are application/infrastructure security, network security
and finally data security (at rest, in transit and while processing). Last but not least, consider using a
logging and detection tool and a centralized monitoring platform, which will help you quickly view all
your threats and vulnerabilities in a single place and act on them immediately, before you incur
a potential attack that can tarnish your organization’s reputation.
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.