Cloud Security Best Practices: Advice from Forrester
Security for hybrid multi-cloud environments is arguably the most important business challenge this year. According to Forrester Research, cloud platform adoption was the most common network upgrade initiative in 2021, which necessitates a security posture strong enough to move some or all of the company’s workloads, data, and infrastructure to the cloud.
Today’s work-from-anywhere business models pressure companies across every industry to lift and shift assets to the cloud, giving them the flexibility to deliver digital services to every user everywhere. But before migration can happen, cloud security must be in place. Without a proactive security approach, executives quickly are “pumping the breaks” on their cloud-based innovation.
What do you need to be confident that your company can migrate safely? Analyst firm Forrester has the answers in their cloud security best practices report, which compiles the lessons learned in speaking with their robust client base of security professionals. So, if you’re looking to learn the top advice from analysts and peers, this research report is for you.
Here is my quick summary, distilling Forrester’s four critical tips for cloud migration security.
Guidelines for cloud migration security
1. Principles for cloud data migration
Forrester indicates that data protection, especially in the cloud, is the most important pillar of defense.
-
- Data discovery
- Revoking data access
- Prioritizing data
- Bring your own encryption keys — at least for critical data encryption
2. Building Zero Trust for the cloud
Identity and access management (IAM) is an important support pillar for cloud workloads.
-
- For SaaS apps, use identity federation—don’t duplicate user identities
- For IaaS and PaaS applications, create cloud directory instances
- For Cloud Services Provider (CSP) console management, use cloud identity governance tools
3. Paving the way for secure cloud networking
Cloud networking is a form of IT infrastructure wherein some or all of an organization’s network resources are hosted on cloud platforms. These cloud platforms may be public, private, or a hybrid combination of both. Security for network communications and interconnectivity requirements are a staple throughout the cloud migration process.
-
- Move customer-facing traffic to the cloud — do not create loops
- When using a single vendor’s cloud, use IaaS platform-native security services
- When using multi-cloud, consider using Zero Trust edge security
4. Configuring Infrastructure as a Service platforms
According to Forrester’s research, cloud platform adoption was the most common network upgrade initiative in 2021. But IaaS/PaaS configurations are error-prone, requiring extra attention for effective security.
-
- Use build pipeline scripts with version control for all (security) configuration and setup
- Add cloud workload protection (CWP) agents during configuration
- Add configuration posture management for every platform you use
- Cloud identity governance helps untangle complex access paths between resources
Forrester unpacks all of this advice in their Best Practices Report, “The Security Best Practices Of Cloud Migrations.” Get your free copy.
Contact us today and consult with one of our Managed Security experts.
Call us now to arrange a consultation (866) 588-5885.
Or arrange for a consultation through our request form.
Three Considerations for Creating a Future-Ready Enterprise
Learn about what business leaders should do to create a technology-forward, future-ready enterprise.
Learn more about Three Considerations for Creating a Future-Ready Enterprise
Securing the Network Edge: Endpoint detection and response can reduce serious incidents by 50%
What is EDR and how is different from XDR? Masergy explains that and more.
Understanding ZTNA Relationship to Zero Trust and SASE
Zero Trust Network Access gets mixed up with Zero Trust and SASE. Understand the differences and how it strengthens security.
Learn more about Understanding ZTNA Relationship to Zero Trust and SASE
Cybersecurity Blind Spots: Why You’re Unaware of Risks Hiding in Your Own IT Environment
Companies today have more security weaknesses. Explore three common blindspots and how to turn on the light switch.
Delivering On The Digital-First Promise: How To Meet Heightened Demand With Less Risk
The best digital strategies foster an IT ecosystem where checks and balances allow emerging technologies to synthesize with security and the network.
Why EDR is an essential requirement for cyber insurance
A company applying for a cyber insurance policy must demonstrate that it has effective cybersecurity policies and countermeasures in place.
Learn more about Why EDR is an essential requirement for cyber insurance
Rebalancing security and business innovation post-pandemic
The accelerated transformation has spurred new governance phases. Rebalance innovation and security by putting these checks and balances in place.
Learn more about Rebalancing security and business innovation post-pandemic
The Transformation Trifecta at the Heart of the Hybrid Work Revolution
How sustainable is your hybrid work strategy? It's time to unite the disciplines of connectivity, cybersecurity and collaboration.
Learn more about The Transformation Trifecta at the Heart of the Hybrid Work Revolution
Masergy Wins “Editor’s Choice MSSP of the Year” Global InfoSec Award During RSA Conference 2022
As a leading managed security services provider, Masergy earns one of Cyber Defense Magazine’s most prestigious awards. Here’s why.
The Comcast Business Story – An Overview
Comcast Business and Masergy have joined forces - We are your one provider for all your secure networking needs.
SEVEN leaders from Comcast Business and Masergy recognized on CRN’s 2022 Women of the Channel List!
Masergy Awarded 2022 TMCnet Remote Work Pioneer Award
Masergy succeeds in making remote work actually work well for IT teams in the long run.
Learn more about Masergy Awarded 2022 TMCnet Remote Work Pioneer Award
Masergy: “multi-cloud environments make it difficult to control what’s happening in borderless networks”
Masergy's Trevor Parks talks to Cybernews about security threats in modern multi-cloud environments.
MSS, MDR, SOCaaS: The differences in security services and how to choose
The catalogue of security services abbreviations keeps getting longer. Here are some quick definitions and tips to help compare offerings.
Learn more about MSS, MDR, SOCaaS: The differences in security services and how to choose
Action plans for Log4j or Log4shell
The “Log4Shell" or “Log4j/Shell” vulnerability is one of the most serious cyber threats in recent history. Why is it such a serious concern and what can you do about it?
Meeting the moment for hybrid work cybersecurity
A growing number of cyberattacks and the explosion of hybrid work have pushed security resources to the brink, exposing the need for more managed services backed by machine learning.
Learn more about Meeting the moment for hybrid work cybersecurity
Your security service provider needs an upgrade: RFP questions to find a true partner
How do you ensure you’re getting the right combination of security expertise and operational excellence all in one provider? These questions can help.