SlideShare a Scribd company logo

The 3 Recommendations for Cloud Security

VAST
VAST

Regardless of whether your data resides on-premises, in the cloud, or a combination of both, you are vulnerable to security threats, data breaches, data loss, and more. Security is often cited as a concern for organizations who are migrating to the public cloud, but the belief that the public cloud is not secure is a myth. In fact, the leading public cloud service providers have built rigorous security capabilities to ensure that your applications, assets, and services are protected. Security in the public cloud is now becoming a driver for many organizations, but in a rapidly evolving multicloud environment, you must keep up with changes that might impact your security posture. This eBook outlines the three core recommendations for cloud security across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform

Technology
1 of 9
Download to read offline
Cloud Security www.vastITservices.com The 3 Recommendations for Cloud Security POWERED BY
Cloud Security www.vastITservices.com INTRODUCTION TO CLOUD SECURITY Regardless of whether your data resides on-premises, in the cloud, or a combination of both, you are vulnerable to security threats, data breaches, data loss, and more. Security is often cited as a concern for organizations who are migrating to the public cloud, but the belief that the public cloud is not secure is a myth. In fact, the leading public cloud service providers have built rigorous security capabilities to ensure that your applications, assets, and services are protected. Security in the public cloud is now becoming a driver for many organizations, but in a rapidly evolving multicloud environment, you must keep up with changes that might impact your security posture. This eBook outlines the three core recommendations for cloud security across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform. PAGE 2 Azure
Cloud Security www.vastITservices.com SHARING RESPONSIBILITY It’s a common misconception that it’s the sole responsibility of public cloud service providers to safeguard your data and information. According to Gartner, through 2022, at least 95% of cloud security failures will be the customer’s fault. Let that sink in for a moment, and think about your cloud environment. Ensuring the security of one cloud can be a challenge, and if you are a multicloud user, that challenge becomes exponentially more difficult. In order to best plan and execute on a security strategy, you must understand who is responsible. Cloud service providers, such as Amazon Web Services, have published Shared Responsibility Models to outline the protections that each party is responsible for. The AWS Shared Responsibility Model is broken into two categories; security of the cloud which is owned by AWS, and security in the cloud which is owned by customers. To put it simply, the cloud provider is responsible for protecting the infrastructure (e.g. hardware, software, facilities), and in turn, the customer is responsible for the applications, service configuration, and identity and access management. Prior to deploying new services and developing applications, it’s recommended you outline which security requirements your organization is responsible for. If you’re not a Chief Information Security Officer or security leader, perhaps it would be valuable to discuss this with them. The last thing you want is to become part of that 95% statistic. PAGE 3 1 Gartner, Clouds Are Secure: Are You Using Them Securely?, Jay Heiser, 31 January 2018 2 “Shared Responsibility Model - Amazon Web Services (AWS).” Amazon, aws.amazon.com/compliance/ shared-responsibility-model/.
Cloud Security www.vastITservices.comPAGE 4 CENTER FOR INTERNET SECURITY BENCHMARKS DEFINED The Center for Internet Security (CIS) is a non-profit organization that publishes standards and best practices for securing IT systems and data. One type of publication that they provide is a Benchmark, which is a security configuration guideline that has been tested and proven by experienced IT professionals.3 CIS is a trusted third-party and organizations worldwide rely on the 100+ CIS Benchmarks to safeguard their cloud environments. Three of these Benchmarks have been created for Amazon Web Services Foundations, Microsoft Azure Foundations, and Google Cloud Platform Foundation. Although each of these cloud service providers have unique recommendations (e.g. Security Center for Azure, and Kubernetes Engine for Google Cloud Platform etc.), they have three core recommendations in common: identity and access management, logging and monitoring, and networking. Within each recommendation, there are a set of controls that are given a profile level. A Level 1 Profile is a foundational control and shouldn’t impact business functionality. A Level 2 Profile is for more in-depth security controls that could have a negative impact if not implemented properly. To perform an audit of your cloud infrastructure, you can use the cloud service provider management console, run a series of commands via the Command Line Interface, or leverage a cloud management solution to perform an audit on your behalf. 3 Center for Internet Security, www.cisecurity.org/.
Cloud Security www.vastITservices.comPAGE 5 1 IDENTITY AND ACCESS MANAGEMENT Cloud security starts with properly managing users and access controls. Without proper identity and access management, users can intentionally or unintentionally create security flaws with serious implications. The Identity and Access Management controls take a proactive approach by validating that you have properly and securely configured access to your cloud environment. The controls help you stay ahead of breaches by monitoring for leading indicators such as: • Misconfigured users (i.e., users not in a group) • Users with too broad of a span of control • Users with vulnerable accounts (i.e., multi-factor authentication disabled, etc.) • Inactive users (i.e., IAM user with access keys that are not being used, etc.) While it’s always best to catch security vulnerabilities before they are exploited, it’s prudent to also monitor for events that could turn into security incidents, or lagging indicators, such as: • Suspicious activity (e.g., a large volume of instances are launched outside of normal usage patterns, etc.) • Changes to security groups or users (e.g., new IAM group or user recently created or changed, etc.) SAMPLE AWS CONTROL 1.3 Ensure credentials unused for 90 days or greater are disabled (Scored) RATIONALE: Disabling or removing unnecessary credentials will reduce the window of opportunity for credentials associated with a compromised or abandoned account to be used. 4 CIS Benchmarks, Amazon Web Services Foundations v1.2.0, May 23, 2018.
Cloud Security www.vastITservices.comPAGE 6 2 LOGGING AND MONITORING Without proper audit trails and logs in place, it can be extremely challenging to identify security incidents, policy violations, fraudulent activity, and operational problems. In short, root cause analysis and troubleshooting are greatly helped by log management. To further assist with monitoring and responding to account activities, controls must be in place for log metric-filters and alarms. The Logging and Monitoring controls ensure that logs are collected, stored securely for the proper amount of time, and are available for analysis when needed. SAMPLE GOOGLE CLOUD PLATFORM CONTROL 2.10 Ensure log metric filter and alerts exists for Cloud Storage IAM permission changes (Scored) RATIONALE: Monitoring changes to Cloud Storage bucket permissions may reduce time to detect and correct permissions on sensitive Cloud Storage bucket and objects inside the bucket. 5 CIS Benchmarks, Google Cloud Platform Foundation v1.0.0, September 05, 2018.
Cloud Security www.vastITservices.comPAGE 7 3 NETWORKING Maintaining a secure perimeter to allow only legitimate traffic onto the network is critical in both the data center and the cloud. Hacking and phishing are just a few examples of network security breaches. As organizations continue to move towards a multicloud model it becomes harder and harder to tell the difference between legitimate and malicious traffic. The Networking controls are designed to monitor for security group and network protocol misconfigurations, such as when a Security Group has too large of an ingress port range. Beyond measuring for Security Group configurations, you may also want to be notified when a new Security Group is created, or if a Security Group isn’t being used. Since a single instance can have many different Security Groups applied to it, it’s also important to monitor for instances associated with a large number of Groups. SAMPLE AZURE CONTROL 6.2 Ensure that SSH access is restricted from the internet (Scored) RATIONALE: The potential security problem with using SSH over the Internet is that attackers can use various brute force techniques to gain access to Azure Virtual Machines. Once the attackers gain access, they can use your virtual machine as a launch point for compromising other machines on your Azure Virtual Network or even attack networked devices outside of Azure. 6 CIS Benchmarks, Amazon Web Services Foundations v1.0.0, February 20, 2018
Cloud Security www.vastITservices.com ADDITIONAL SECURITY CONSIDERATIONS Although the CIS Foundations Benchmarks do not have resiliency called out in its own recommendation section, the ability to recover operations and data after an outage or data loss event is a key component of world-class security best practices. Business continuity can span from making sure critical systems have backups replicated in another region to checking that critical assets are stored on highly available and redundant infrastructure. Most organizations will segment their applications and downstream dependent assets by business criticality, typically onto four levels: mission critical, business critical, business important, business supporting. Each tier will have a defined recovery time objective (RTO), recovery point objective (RPO), and availability SLA. Having a data resiliency strategy is imperative, and in many cases organizations choose to backup and recover data between multiple cloud service providers. For example, if AWS is the primary cloud, an organization may recover to Azure, or Google Cloud Platform. A multicloud strategy hinges on data and application availability, resiliency, and security. PAGE 8
Cloud Security www.vastITservices.com CONCLUSION Ensuring the security of your public cloud environment is challenging, and ensuring the security of your multicloud environment can be even more difficult. Learn how the CloudHealth cloud management platform can help you mitigate security risks across your multicloud environment. Learn more by visiting www.vastITservices.com VAST View™ is a trademark of VAST IT Services. POWERED BY

Recommended

Cloud Security Guide - Ref Architecture and Gov. Model
Cloud Security Guide - Ref Architecture and Gov. ModelCloud Security Guide - Ref Architecture and Gov. Model
Cloud Security Guide - Ref Architecture and Gov. ModelVishal Sharma
 
Cloud security (domain11 14)
Cloud security (domain11 14)Cloud security (domain11 14)
Cloud security (domain11 14)Maganathin Veeraragaloo
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices Cloudride LTD
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 

Recommended

Cloud Security Guide - Ref Architecture and Gov. Model
Cloud Security Guide - Ref Architecture and Gov. ModelCloud Security Guide - Ref Architecture and Gov. Model
Cloud Security Guide - Ref Architecture and Gov. ModelVishal Sharma
 
Cloud security (domain11 14)
Cloud security (domain11 14)Cloud security (domain11 14)
Cloud security (domain11 14)Maganathin Veeraragaloo
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices Cloudride LTD
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 
Microsoft Cloud App Security CASB
Microsoft Cloud App Security CASBMicrosoft Cloud App Security CASB
Microsoft Cloud App Security CASBAmmar Hasayen
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Cloud App Security
Cloud App SecurityCloud App Security
Cloud App SecurityAlvaro Rezende
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Vulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingVulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingClinton DSouza
 
Beginners guide to aws security monitoring
Beginners guide to aws security monitoringBeginners guide to aws security monitoring
Beginners guide to aws security monitoringrahuldesh
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure SentinelBGA Cyber Security
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
Zero Trust 20211105
Zero Trust 20211105 Zero Trust 20211105
Zero Trust 20211105 Thomas Treml
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...Amazon Web Services
 
Core strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSCore strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSShane Peden
 
Introduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixIntroduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixJohn Yeoh
 
Issa 042711
Issa 042711Issa 042711
Issa 042711Erin Banks
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudSafeNet
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security IssuesHTS Hosting
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
Comprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated ApproachComprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated ApproachCloudPassage
 
Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorAmazon Web Services
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfsarah david
 

More Related Content

What's hot

Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Vulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingVulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingClinton DSouza
 
Beginners guide to aws security monitoring
Beginners guide to aws security monitoringBeginners guide to aws security monitoring
Beginners guide to aws security monitoringrahuldesh
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaFaysal Ghauri
 
Zero Trust 20211105
Zero Trust 20211105 Zero Trust 20211105
Zero Trust 20211105 Thomas Treml
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...Amazon Web Services
 
Core strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSCore strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSShane Peden
 
Introduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixIntroduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixJohn Yeoh
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudSafeNet
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security IssuesHTS Hosting
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
Comprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated ApproachComprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated ApproachCloudPassage
 

What's hot (20)

Cloud App Security
Cloud App SecurityCloud App Security
Cloud App Security
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud security
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
Vulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingVulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computing
 
Beginners guide to aws security monitoring
Beginners guide to aws security monitoringBeginners guide to aws security monitoring
Beginners guide to aws security monitoring
 
Microsoft Azure Sentinel
Microsoft Azure SentinelMicrosoft Azure Sentinel
Microsoft Azure Sentinel
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
Cybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabiaCybersecurity frameworks globally and saudi arabia
Cybersecurity frameworks globally and saudi arabia
 
Zero Trust 20211105
Zero Trust 20211105 Zero Trust 20211105
Zero Trust 20211105
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud Computing
 
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...
 
Core strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWSCore strategies to develop defense in depth in AWS
Core strategies to develop defense in depth in AWS
 
Introduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls MatrixIntroduction to the CSA Cloud Controls Matrix
Introduction to the CSA Cloud Controls Matrix
 
Issa 042711
Issa 042711Issa 042711
Issa 042711
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Whose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the CloudWhose Cloud is It Anyway - Data Security in the Cloud
Whose Cloud is It Anyway - Data Security in the Cloud
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security Issues
 
Microsoft Cloud App Security
Microsoft Cloud App SecurityMicrosoft Cloud App Security
Microsoft Cloud App Security
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-Usability
 
Comprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated ApproachComprehensive Cloud Security Requires an Automated Approach
Comprehensive Cloud Security Requires an Automated Approach
 

Similar to The 3 Recommendations for Cloud Security

Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorAmazon Web Services
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfsarah david
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxsarah david
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsEditor IJCATR
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
Cloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton RavindranCloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton RavindranGSTF
 
Cloud security and services
Cloud security and servicesCloud security and services
Cloud security and servicesJas Preet
 
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture IJECEIAES
 
A Novel Computing Paradigm for Data Protection in Cloud Computing
A Novel Computing Paradigm for Data Protection in Cloud ComputingA Novel Computing Paradigm for Data Protection in Cloud Computing
A Novel Computing Paradigm for Data Protection in Cloud ComputingIJMER
 
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...IJERA Editor
 
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...ijcnes
 
(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedings(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedingsSTO STRATEGY
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 

Similar to The 3 Recommendations for Cloud Security (20)

Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public Sector
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
 
cloud1_aggy.pdf
cloud1_aggy.pdfcloud1_aggy.pdf
cloud1_aggy.pdf
 
Cloud Security_ Unit 4
Cloud Security_ Unit 4Cloud Security_ Unit 4
Cloud Security_ Unit 4
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
Security for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi CloudsSecurity for Effective Data Storage in Multi Clouds
Security for Effective Data Storage in Multi Clouds
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and Applications
 
Cloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton RavindranCloud Security By Dr. Anton Ravindran
Cloud Security By Dr. Anton Ravindran
 
Cloud security and services
Cloud security and servicesCloud security and services
Cloud security and services
 
Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture Review on Security Aspects for Cloud Architecture
Review on Security Aspects for Cloud Architecture
 
A Novel Computing Paradigm for Data Protection in Cloud Computing
A Novel Computing Paradigm for Data Protection in Cloud ComputingA Novel Computing Paradigm for Data Protection in Cloud Computing
A Novel Computing Paradigm for Data Protection in Cloud Computing
 
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
Security in Cloud Computing For Service Delivery Models: Challenges and Solut...
 
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
Investigation on Challenges in Cloud Security to Provide Effective Cloud Comp...
 
(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedings(Pdf) yury chemerkin _i-society-2013 proceedings
(Pdf) yury chemerkin _i-society-2013 proceedings
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 

The 3 Recommendations for Cloud Security

  • 1. Cloud Security www.vastITservices.com The 3 Recommendations for Cloud Security POWERED BY
  • 2. Cloud Security www.vastITservices.com INTRODUCTION TO CLOUD SECURITY Regardless of whether your data resides on-premises, in the cloud, or a combination of both, you are vulnerable to security threats, data breaches, data loss, and more. Security is often cited as a concern for organizations who are migrating to the public cloud, but the belief that the public cloud is not secure is a myth. In fact, the leading public cloud service providers have built rigorous security capabilities to ensure that your applications, assets, and services are protected. Security in the public cloud is now becoming a driver for many organizations, but in a rapidly evolving multicloud environment, you must keep up with changes that might impact your security posture. This eBook outlines the three core recommendations for cloud security across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform. PAGE 2 Azure
  • 3. Cloud Security www.vastITservices.com SHARING RESPONSIBILITY It’s a common misconception that it’s the sole responsibility of public cloud service providers to safeguard your data and information. According to Gartner, through 2022, at least 95% of cloud security failures will be the customer’s fault. Let that sink in for a moment, and think about your cloud environment. Ensuring the security of one cloud can be a challenge, and if you are a multicloud user, that challenge becomes exponentially more difficult. In order to best plan and execute on a security strategy, you must understand who is responsible. Cloud service providers, such as Amazon Web Services, have published Shared Responsibility Models to outline the protections that each party is responsible for. The AWS Shared Responsibility Model is broken into two categories; security of the cloud which is owned by AWS, and security in the cloud which is owned by customers. To put it simply, the cloud provider is responsible for protecting the infrastructure (e.g. hardware, software, facilities), and in turn, the customer is responsible for the applications, service configuration, and identity and access management. Prior to deploying new services and developing applications, it’s recommended you outline which security requirements your organization is responsible for. If you’re not a Chief Information Security Officer or security leader, perhaps it would be valuable to discuss this with them. The last thing you want is to become part of that 95% statistic. PAGE 3 1 Gartner, Clouds Are Secure: Are You Using Them Securely?, Jay Heiser, 31 January 2018 2 “Shared Responsibility Model - Amazon Web Services (AWS).” Amazon, aws.amazon.com/compliance/ shared-responsibility-model/.
  • 4. Cloud Security www.vastITservices.comPAGE 4 CENTER FOR INTERNET SECURITY BENCHMARKS DEFINED The Center for Internet Security (CIS) is a non-profit organization that publishes standards and best practices for securing IT systems and data. One type of publication that they provide is a Benchmark, which is a security configuration guideline that has been tested and proven by experienced IT professionals.3 CIS is a trusted third-party and organizations worldwide rely on the 100+ CIS Benchmarks to safeguard their cloud environments. Three of these Benchmarks have been created for Amazon Web Services Foundations, Microsoft Azure Foundations, and Google Cloud Platform Foundation. Although each of these cloud service providers have unique recommendations (e.g. Security Center for Azure, and Kubernetes Engine for Google Cloud Platform etc.), they have three core recommendations in common: identity and access management, logging and monitoring, and networking. Within each recommendation, there are a set of controls that are given a profile level. A Level 1 Profile is a foundational control and shouldn’t impact business functionality. A Level 2 Profile is for more in-depth security controls that could have a negative impact if not implemented properly. To perform an audit of your cloud infrastructure, you can use the cloud service provider management console, run a series of commands via the Command Line Interface, or leverage a cloud management solution to perform an audit on your behalf. 3 Center for Internet Security, www.cisecurity.org/.
  • 5. Cloud Security www.vastITservices.comPAGE 5 1 IDENTITY AND ACCESS MANAGEMENT Cloud security starts with properly managing users and access controls. Without proper identity and access management, users can intentionally or unintentionally create security flaws with serious implications. The Identity and Access Management controls take a proactive approach by validating that you have properly and securely configured access to your cloud environment. The controls help you stay ahead of breaches by monitoring for leading indicators such as: • Misconfigured users (i.e., users not in a group) • Users with too broad of a span of control • Users with vulnerable accounts (i.e., multi-factor authentication disabled, etc.) • Inactive users (i.e., IAM user with access keys that are not being used, etc.) While it’s always best to catch security vulnerabilities before they are exploited, it’s prudent to also monitor for events that could turn into security incidents, or lagging indicators, such as: • Suspicious activity (e.g., a large volume of instances are launched outside of normal usage patterns, etc.) • Changes to security groups or users (e.g., new IAM group or user recently created or changed, etc.) SAMPLE AWS CONTROL 1.3 Ensure credentials unused for 90 days or greater are disabled (Scored) RATIONALE: Disabling or removing unnecessary credentials will reduce the window of opportunity for credentials associated with a compromised or abandoned account to be used. 4 CIS Benchmarks, Amazon Web Services Foundations v1.2.0, May 23, 2018.
  • 6. Cloud Security www.vastITservices.comPAGE 6 2 LOGGING AND MONITORING Without proper audit trails and logs in place, it can be extremely challenging to identify security incidents, policy violations, fraudulent activity, and operational problems. In short, root cause analysis and troubleshooting are greatly helped by log management. To further assist with monitoring and responding to account activities, controls must be in place for log metric-filters and alarms. The Logging and Monitoring controls ensure that logs are collected, stored securely for the proper amount of time, and are available for analysis when needed. SAMPLE GOOGLE CLOUD PLATFORM CONTROL 2.10 Ensure log metric filter and alerts exists for Cloud Storage IAM permission changes (Scored) RATIONALE: Monitoring changes to Cloud Storage bucket permissions may reduce time to detect and correct permissions on sensitive Cloud Storage bucket and objects inside the bucket. 5 CIS Benchmarks, Google Cloud Platform Foundation v1.0.0, September 05, 2018.
  • 7. Cloud Security www.vastITservices.comPAGE 7 3 NETWORKING Maintaining a secure perimeter to allow only legitimate traffic onto the network is critical in both the data center and the cloud. Hacking and phishing are just a few examples of network security breaches. As organizations continue to move towards a multicloud model it becomes harder and harder to tell the difference between legitimate and malicious traffic. The Networking controls are designed to monitor for security group and network protocol misconfigurations, such as when a Security Group has too large of an ingress port range. Beyond measuring for Security Group configurations, you may also want to be notified when a new Security Group is created, or if a Security Group isn’t being used. Since a single instance can have many different Security Groups applied to it, it’s also important to monitor for instances associated with a large number of Groups. SAMPLE AZURE CONTROL 6.2 Ensure that SSH access is restricted from the internet (Scored) RATIONALE: The potential security problem with using SSH over the Internet is that attackers can use various brute force techniques to gain access to Azure Virtual Machines. Once the attackers gain access, they can use your virtual machine as a launch point for compromising other machines on your Azure Virtual Network or even attack networked devices outside of Azure. 6 CIS Benchmarks, Amazon Web Services Foundations v1.0.0, February 20, 2018
  • 8. Cloud Security www.vastITservices.com ADDITIONAL SECURITY CONSIDERATIONS Although the CIS Foundations Benchmarks do not have resiliency called out in its own recommendation section, the ability to recover operations and data after an outage or data loss event is a key component of world-class security best practices. Business continuity can span from making sure critical systems have backups replicated in another region to checking that critical assets are stored on highly available and redundant infrastructure. Most organizations will segment their applications and downstream dependent assets by business criticality, typically onto four levels: mission critical, business critical, business important, business supporting. Each tier will have a defined recovery time objective (RTO), recovery point objective (RPO), and availability SLA. Having a data resiliency strategy is imperative, and in many cases organizations choose to backup and recover data between multiple cloud service providers. For example, if AWS is the primary cloud, an organization may recover to Azure, or Google Cloud Platform. A multicloud strategy hinges on data and application availability, resiliency, and security. PAGE 8
  • 9. Cloud Security www.vastITservices.com CONCLUSION Ensuring the security of your public cloud environment is challenging, and ensuring the security of your multicloud environment can be even more difficult. Learn how the CloudHealth cloud management platform can help you mitigate security risks across your multicloud environment. Learn more by visiting www.vastITservices.com VAST View™ is a trademark of VAST IT Services. POWERED BY