{"id":336,"date":"2021-03-04T16:36:08","date_gmt":"2021-03-04T16:36:08","guid":{"rendered":"https:\/\/www.itminister.co.uk\/blog\/?p=336"},"modified":"2021-03-05T08:23:06","modified_gmt":"2021-03-05T08:23:06","slug":"5-tips-for-hardening-multi-cloud-environments","status":"publish","type":"post","link":"https:\/\/www.itminister.co.uk\/blog\/5-tips-for-hardening-multi-cloud-environments\/","title":{"rendered":"5 Tips for Hardening Multi-Cloud Environments"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">The goal of harding multi-cloud environments is now more important than ever with the mass shift to remote work and bad actors seeking novel ways to infiltrate public, private and hybrid cloud infrastructures accessed from so many more entry points. Below are five tips to help secure cloud architecture. <a href=\"https:\/\/magazines.isc2.org\/pages\/2021\/2021-03\/\">Read More<\/a><\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Gain visibility and define workloads<\/strong><br>We\u2019ve all heard it before, but it\u2019s worth repeating: If you don\u2019t know an asset exists, you can\u2019t secure it. This is why Snyder ranks gaining visibility as a top priority. \u201cThere\u2019s no way that you can\u2019t have that visibility, know whether it\u2019s in a secure state, whether it\u2019s properly configured, properly secured, etc.,\u201d he said. \u201cSo, you really have to have visibility in order to gain security around it.\u201d<\/li><li><strong>Focus on password policies, MFA and logs<\/strong><br>Just as with on-premises data centers, all cloud environments demand established and enforced identity and access management systems that incorporate strong passwords, multi-factor authentication and auditable logs. Despite being a best practice, it\u2019s one that often gets overlooked.<\/li><li><strong>Clean up attack surfaces<\/strong><br>While he acknowledged that he has sometimes received pushback about how hygiene impacts cloud security, Snyder points out that when larger firms go to the cloud, they sometimes tend to open their clouds more broadly. For example, a website is established to generate leads during a 30- or 60-day marketing campaign. But when the campaign ends, the site is now an \u201corphan,\u201d a workload no longer serving a useful purpose while spreading an organization\u2019s attack surface.<\/li><li><strong>Pay close attention to perimeter security<\/strong><br>More multi-cloud mistakes come from failing to properly follow the aforementioned recommendations. Once better cyber hygiene is established, along with better visibility and inventory building, it\u2019s time to tighten your cloud security perimeter just as you would an on-premises data center. This means closing buckets and locking down ports.<\/li><li><strong>Encrypt where needed<\/strong><br>While the complexity of a cloud environment can make previously mentioned recommendations difficult, one suggestion that is actually easier in the cloud is encryption. All cloud providers now offer multiple encryption options, depending on workloads and the location of key data assets. This harkens back to earlier points about defining workloads and knowing a firm\u2019s data assets.<\/li><\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">iTM covers all aspects of cybersecurity from Home cyber security managed solutions to automated, manage threat intelligence, forensic investigations, Cloud security best practice and cyber security training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. <a href=\"https:\/\/www.itminister.co.uk\/contact.html\">Contact Us<\/a> for more information.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The goal of harding multi-cloud environments is now more important than ever with the mass shift to remote work and bad actors seeking novel ways to infiltrate public, private and hybrid cloud infrastructures accessed from so many more entry points. Below are five tips to help secure cloud architecture. Read More Gain visibility and define &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.itminister.co.uk\/blog\/5-tips-for-hardening-multi-cloud-environments\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;5 Tips for Hardening Multi-Cloud Environments&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","beyondwords_generate_audio":"","beyondwords_integration_method":"","beyondwords_project_id":"","beyondwords_content_id":"","beyondwords_preview_token":"","beyondwords_player_content":"","beyondwords_player_style":"","beyondwords_language_code":"","beyondwords_language_id":"","beyondwords_title_voice_id":"","beyondwords_body_voice_id":"","beyondwords_summary_voice_id":"","beyondwords_error_message":"","beyondwords_disabled":"","beyondwords_delete_content":"","beyondwords_podcast_id":"","beyondwords_hash":"","publish_post_to_speechkit":"","speechkit_hash":"","speechkit_generate_audio":"","speechkit_project_id":"","speechkit_podcast_id":"","speechkit_error_message":"","speechkit_disabled":"","speechkit_access_key":"","speechkit_error":"","speechkit_info":"","speechkit_response":"","speechkit_retries":"","speechkit_status":"","speechkit_updated_at":"","_speechkit_link":"","_speechkit_text":""},"categories":[11,18],"tags":[],"class_list":["post-336","post","type-post","status-publish","format-standard","hentry","category-cloud","category-cyber-security-best-practice"],"_links":{"self":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts\/336","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=336"}],"version-history":[{"count":2,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts\/336\/revisions"}],"predecessor-version":[{"id":340,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/posts\/336\/revisions\/340"}],"wp:attachment":[{"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=336"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=336"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itminister.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=336"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}