Cloud Security Checklist & Secure Migration Tips

If your plans in 2018 involve migrating to or expanding the use of cloud services and applications, it’s important to be aware of the challenges. The reality of the cloud is two-fold: on the one hand, it accelerates digital transformation, increases productivity, intelligence and competitiveness; but at the same time introduces and multiplies security risks if not architected correctly.

To safely use the cloud along with other emerging technologies, here’s a cloud security checklist with five recommendations to strengthen your defenses and ensure a secure presence in the cloud.

With the diversity of services available from cloud platforms, readily available to any company, you can expect that the use of these services is widely disseminated. However, a recent study by the McKinsey Consulting shows that this is not yet the case. For example, only about 40% of the companies studied use more than 10% of their workloads in the cloud. Cybersecurity is a central concern behind this outcome.

Of course, there are challenges, but little by little cloud adoption grows in the corporate environment.

Map all your processes

Migration to cloud environments does not have to happen overnight. As with any digital security initiative, it is crucial to plan the entire process, mapping all the advantages and challenges, processes, and information.

Moving platforms or data to the cloud is a long-term decision and must be taken with care. In addition, a cloud migration will directly impact your security policies and practices, which will need to be reviewed – including the fact that your team will need to more training on how to properly use the cloud and how it relates to your updated security policies and procedures.

Challenges:

Map all processes that will migrate to the cloud
Monitor all activity in the cloud
Know how and where your information will be stored
Review security policies

Re-evaluate your users

Unlike a private network, the cloud is the external network, where the controls will be positioned to establish the perimeter. That’s why it’s important to audit and redefine your user privileges in the cloud. This includes permission levels for internal users, partners, and vendors.

Challenges:

Reset Usage Permissions
Centralize / prioritize privileges
Audit accounts

Learn more about the disadvantages of privileged account access here.

Encrypt your data

If it is your first investment with the cloud, you can take a calculated step with a pilot project or proof of concept, migrating only one specific initiative. This will help you understand how using the cloud will impact your business.

In all cases, ensuring that encryption is used on any data is indisputable. Even when using cloud services and applications, your data will likely travel between the private and public cloud, and the use of encrypted channels is essential.

Challenges:

Audit features of your cloud service
Select cloud environments that adopt encryption procedure
Adopt technologies such as VPN to bridge the gap between your network and the cloud

Learn more about data protection and encryption in our previous blog post here.

Build an incident recovery plan

Creating a document to guide your team in preparing and recovering from security events within the cloud will also be critical to your cloud migration initiative.

Challenges:

Gather and train team of experts
Map and prioritize the types of risks to data in the cloud
Create a security event management guide
Choosing appropriate cyber security products

Monitor logs

Keeping and evaluating logs for all cloud activities will be instrumental in understanding the status of your security in a hybrid cloud environment and will also help you create your incident recovery plan.

Challenges:

Understand what data is shared between your network and the cloud
Set secure rules for data traffic
Monitor all users’ activities

Learn how to extract value from your SIEM logs for added value.

Finally, it is important to remember how the use of services and applications in the cloud can impact the compliance and industry regulations (such as PCI-DSS) and local privacy laws (such as HIPAA, GDPR, etc.)

Do you know the main risks associated with the cloud? Stay tuned as we answer this in an upcoming blog!

Cookie	Duration	Description
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.
__hssrc	session	This cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc	30 minutes	HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.

Cookie	Duration	Description
__hstc	1 year 24 days	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_86671402_1	1 minute	This cookie is set by Google and is used to distinguish users.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
ajs_anonymous_id	never	This cookie is set by Segment.io to check the number of ew and returning visitors to the website.
ajs_user_id	never	The cookie is set by Segment.io and is used to analyze how you use the website
CONSENT	16 years 3 months 14 days 7 hours	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
driftt_aid	2 years	The driftt_aid cookie is an anonymous identifier token set by Drift.com for tracking purposes and helps to tie the visitor onto the website. The cookie also allows Drift to remember the information provided by the site visitor, through the chat on successive site visits.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
ajs_group_id	never	This cookie is set by Segment.io. The purpose of the cookie is currently not identified.
AnalyticsSyncHistory	1 month	No description
debug	never	No description available.
drift_aid	2 years	No description
drift_campaign_refresh	30 minutes	No description available.
li_gc	2 years	No description
UserMatchHistory	1 month	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.

Insights > Blog

Cloud Security Checklist & Secure Migration Tips

Map all your processes

Challenges:

Re-evaluate your users

Challenges:

Encrypt your data

Challenges:

Build an incident recovery plan

Challenges:

Monitor logs

Challenges:

Did you enjoy this blog article? Comment below with your feedback.

0 Comments

Submit a Comment Cancel reply

GET EMAIL UPDATES

Information Security Maturity Self-Assessment Survey

Learn More

Social Media

LinkedIn

Powered by Juicer

View on LinkedIn

Social Media

Twitter

We hope to see you at the FS-ISAC Americas Spring Summit this year in Denver to gain invaluable collective knowledge and experience with like-mined people. ...Feel free to book a time to chat with us.

Learn More: https://bit.ly/3yNjCOQ
#Cipher #FS-ISAC #Cybersecurity

Social Media

Facebook

Cipher | Continuously improving your cybersecurity posture and visibility#Cipher #cipheraprosegurcompany #cibersegurança #threats #visibility #XMDR #cipherplatform ... See MoreSee Less

Ver no Facebook
· Share
Share on Facebook Share on Twitter Share on Linked In Share by Email

Insights

Whitepaper

Dig into the details of cybersecurity and regulations by reading our exclusive white papers. Each paper is written by an expert at Cipher and full of insight and advice.

Learn more