By Dannie Combs, CISO at DFIN
Article text as more companies move data to the cloud, cybersecurity becomes a growing concern. Keeping ahead of evolving threats takes vigilance and solid architecture. Here are five strategies every IT team should consider improving its company’s cloud security processes in 2019:
1 – Address Limited Visibility
With the rapid rise of cloud technology and DevOps practices, some security teams attempt to minimize risk by limiting the speed of change. Though minimizing risk is a valid goal, this method fails to address extremely fast-moving, technology-dependent business requirements and, as a result, in-cloud Shadow IT often emerges.
Cybersecurity teams must be able to answer three fundamental questions in order to successfully ensure visibility across their cloud footprints:
What applications are running in their cloud?
What data is being stored and/or processed within each cloud application?
Who has access to data and applications?
In 2019, teams should resolve to incorporate technology solutions, such as Cloud Access Security Broker (CASB), in combination with native cloud provider accounting and audit tools to address visibility gaps.
2 – Establish Formalized Cloud Governance
For many organizations, business processes, policies and standards have not been developed to support the rapidly growing cloud landscape. Evolving data privacy and other regulatory obligations such as the European Union’s General Data Protection Regulation (GDPR) add further complications for IT professionals. The implementation of a strategic, enterprise-wide approach to overseeing, managing and securing vital data in a multi-cloud environment must be a top priority.
Consider adopting these basic Cloud Governance principles in 2019:
Identity and Access Management with well-defined Role-based Access Controls (RBAC). Define roles clearly and control access based on business needs and data ownership. This approach will significantly minimize the exposure if user credentials are compromised as RBAC ensures user access is limited to a need-to-know basis.
Track and manage your cloud resources by using tags. Department, customer, data classification and environment tags are good examples. Security incident response is much easier when you can locate the owner quickly.
Use native cloud cryptographic key and secrets management capabilities. Managed Hardware Security Module (HSM) services are offered by the majority of cloud providers and easy to adopt and use.
3 – Make security and privacy the cornerstones of the cloud architecture
Most companies are still in the process of developing policies and standards for designing and configuring cloud infrastructure. Oftentimes, cloud architecture is the result of ad-hoc efforts driven by developers using the cloud as a rapid prototyping environment, and poorly designed or misconfigured systems can be exploited quickly.
In 2019, IT executives should design comprehensive security architecture that includes a complete security stack consisting of:
Identity and access management and governance
Data protection and encryption
Data loss prevention
Data classification tagging
Security monitoring and operations.
Cloud technologies continue to innovate and evolve quickly. Every day major cloud providers announce new features and capabilities, and businesses are eager to use them to differentiate from competitors. Tracking industry-leading best practices and the latest cloud security trends is a must. Cloud security blueprints must be constantly updated to ensure relevance to today’s current threat landscape.
4 – Extend you’re on-premise security operations into the cloud
Many cloud providers and security solutions vendors are still catching up with cloud security capabilities as compared to traditional on-premise solutions. Tracking data flow between on-premise systems and the cloud, and providing consistent protection throughout the data flow is critical. Companies should also correlate their on-premise and cloud incidents to ensure they have a complete picture of their systems.
Resolve to make identity and access management policies consistent across multiple clouds and on-premise footprints in 2019, while also reviewing incident response procedures to reflect any changes to the cloud environment.
5 – Automate security tasks
Given the speed and elasticity of cloud operations, it is next to impossible to secure the cloud using manual procedures.
In 2019, companies should automate the deployment and operations aspects of cloud security by automating core security tasks, including:
Secure orchestration and provisioning
Vulnerability threat management
Vulnerability patch management
Continuous integration and deployment
Security operations and incident response
Security metrics generation and reporting
The cloud is here to stay and companies must have a cloud architecture that is designed with security and privacy in mind. Safeguarding cloud-based data from attacks requires not only strong security capabilities but also routine monitoring and updating throughout the year. As a new year begins, resolve to remain vigilant in securing your cybersecurity programs and protocols to mitigate the risk of security breaches and to optimize your cloud services.
About the Author
Dannie Combs is Chief Information Security Officer at DFIN (Donnelley Financial Solutions NYSE:DFIN), a global leader in risk and compliance solutions. As the CISO for a company with more than 3,000 employees across 17 countries, Dannie is responsible for all aspects of corporate cybersecurity not only for internal data but ensuring clients’ information is highly secure as well. He was formerly Director of National Network security for U.S. Cellular, and IT Compliance manager for Redbox. Earlier in his career, he was with the US Air Force and managed information security for NORAD and various Intelligence agencies.