Cloud Security Best Practice

If you are a cloud native business or heavily built your business over cloud, then cloud security is fundamental for your cyber security.

 

Shared Cloud Security Responsibility

When it comes to cloud security, there is always a misunderstanding of the situation - no matter how strong the cloud provider is, you still need to take full responsibility for your own cloud security. 

Why is that?

Actually, all the leading cloud providers including AWS or Microsoft Azure or Google Cloud or any other cloud provider you can name, they all follow the "shared responsibility model". 

Let us use AWS as example below. Even though AWS is taking care of the infrastructure level of security, you need to make sure your applications & data are safe. 

cloudsecurity - 1.PNG

Cloud Secuirty Framework

Then what can you do to make sure your cloud security is not the weak link? 

There are different frameworks & best practices that you can follow from different cloud providers. 

I will use the AWS framework as an example again as they have more SME cloud customers than everyone else. 

cloudsecurity - 2.PNG

AWS has built a very clear & straightforward framework for cloud security, which includes IAM management, detection, infrastructure protection, data protection, incident response & compliance. 

You don't need to use each & every product that AWS recommends. You need to choose the right products based on your own usage & budget. However, it still provides a very good framework for all of the necessary aspects to consider. 

 

How Cogen can help

Meanwhile, same as other aspects of your cyber security, you need to do the cloud security assessment from time to time or when you need to integrate with 3rd party partners API. 

Compared with traditional cyber security assessment, there are less choices for cloud security assessment while Cogen provides the same level of services. 

Check your cyber risk for free