As more organizations adopt cloud computing, it’s imperative they keep cybersecurity front-of-mind. Some analysts project that public cloud spend could increase to $500 billion by 2023, with infrastructure as one of its largest categories — and industry experts have their eye on security as this market develops.
Cloud Cybersecurity Best Practices
These best practices will help guard critical infrastructure and data in the cloud:
- Implement user access control
- Use SSH keys where possible
- Require multi-factor authentication (MFA)
- Perform monitoring
- Institute patch management
- Integrate with core directory
We’ll go over what each of these mean for secure cloud computing.
Implement User Access Control
As they do with traditional IT resources, admins should manage and control user access to cloud servers and other cloud infrastructure to ensure only those who need the data have access to it. Through the right directory service, this process can be automated to save time and increase accuracy as new users onboard and existing users access new servers.
Use SSH Keys Where Possible
SSH keys establish secure server connections with public and private key pairs. Organizations should establish key management policies to dictate how those keys are generated, maintained, and ultimately removed when they reach their end of life.
MFA requires users to prove who they are with something they know (i.e. a password) and something they have (e.g. a TOTP token). Requiring MFA where possible, including in cloud server access, helps to limit the risk in the case credentials are lost, stolen, or otherwise compromised.
Telemetry and system insight monitoring give admins visibility into the activity on their networks and systems, as well as possible vulnerabilities. Admins can monitor system configurations and changes, as well as user access and actions.
Institute Patch Management
Admins should also institute a patch management program to automate regularly scheduled patch updates, which often address security vulnerabilities. In the case of a zero-day or more critical vulnerability, admins should have a plan in place ahead of time as to how they will install and monitor an emergency patch.
Integrate with Core Directory
Ideally, an organization’s core directory integrates natively with cloud servers so users can access both systems and cloud servers with their core credentials.
Centralized identity and access management is key to reducing identity sprawl, securing onboarding/offboarding processes, and ensuring admins only need to manage and monitor one identity per user.
That way, users can access Infrastructure-as-a-Service providers like AWS®, GCPTM, and Azure® but IT admins don’t have to manage directories for Infrastructure-as-a-Service resources that are separate from their core directories.
Microsoft Active Directory does not connect natively to providers like AWS, but third-party tools can facilitate that access. However, these tools require additional maintenance and networking tasks to keep the connection functioning. Alternatively, cloud directory service providers are designed to make that connection without additional tools.
If you’d like a guide to implement best practices across your organization, check out our cybersecurity due diligence checklist for more.