Identify the Components of Your Cloud Security Architecture
- Leveraging the cloud introduces IT professionals to a new world that they are tasked with securing. Consumers do not know what security services they need and when to implement them.
- With many cloud vendors proposing to share the security responsibility, it can be a challenge for organizations to develop a clear understanding of how they can best secure their data off premises.
Our Advice
Critical Insight
- Your cloud security architecture needs to be strategic, realistic, and based on risk. The NIST approach to cloud security is to include everything security into your cloud architecture to be deemed secure. However, you can still have a robust and secure cloud architecture by using a risk-based approach to identify the necessary controls and mitigating services for your environment.
- The cloud is not the right choice for everyone. You’re not as unique as you think. Start with a reference model that is based on your risks and business attributes and optimize it from there.
- Your responsibility doesn’t end at the vendor. Even if you outsource your security services to your vendors, you will still have security responsibilities to address.
- Don’t boil the ocean; do what is realistic for your enterprise. Your cloud security architecture should be based on securing your most critical assets. Use our reference model to determine a launch point.
- A successful strategy is holistic. Controlling for cloud risks comes from knowing what the risks are. Consider the full spectrum of security, including both processes and technologies.
Impact and Result
- The business is adopting a cloud environment and it must be secured, which includes:
- Ensuring business data cannot be leaked or stolen.
- Maintaining the privacy of data and other information.
- Securing the network connection points.
- Knowing the risks associated with the cloud and mitigating those risks with the appropriate services.
- This blueprint and associated tools are scalable for all types of organizations within various industry sectors. It allows them to know what types of risk they are facing and what security services are strongly recommended to mitigate those risks.
Identify the Components of Your Cloud Security Architecture Research & Tools
Start Here – read the Executive Brief
Read our concise Executive Brief to find out why you should create a cloud security architecture with security at the forefront, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.Besides the small introduction, subscribers and consulting clients within this management domain have access to:
- Identify the Components of Your Cloud Security Architecture – Phases 1-4
1. Cloud security alignment analysis
Explore how the cloud changes and whether your enterprise is ready for the shift to the cloud.
- Identify the Components of Your Cloud Security Architecture – Phase 1: Cloud Security Alignment Analysis
- Cloud Security Architecture Workbook
2. Business-critical workload analysis
Analyze the workloads that will migrated to the cloud. Consider the various domains of security in the cloud, considering the cloud’s unique risks and challenges as they pertain to your workloads.
- Identify the Components of Your Cloud Security Architecture – Phase 2: Business-Critical Workload Analysis
3. Cloud security architecture mapping
Map your risks to services in a reference model from which to build a robust launch point for your architecture.
- Identify the Components of Your Cloud Security Architecture – Phase 3: Cloud Security Architecture Mapping
- Cloud Security Architecture Archive Document
- Cloud Security Architecture Reference Model (Visio)
- Cloud Security Architecture Reference Model (PDF)
4. Cloud security strategy planning
Map your risks to services in a reference architecture to build a robust roadmap from.
- Identify the Components of Your Cloud Security Architecture – Phase 4: Cloud Security Strategy Planning
- Cloud Security Architecture Communication Deck
Infographic
Workshop: Identify the Components of Your Cloud Security Architecture
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
1 Cloud Security Alignment Analysis
The Purpose
Understand your suitability and associated risks with your workloads as they are deployed into the cloud.
Key Benefits Achieved
An understanding of the organization’s readiness and optimal service level for cloud security.
Activities
1.1 Workload Deployment Plan
1.2 Cloud Suitability Questionnaire
1.3 Cloud Risk Assessment
1.4 Cloud Suitability Analysis
Outputs
Workload deployment plan
Determined the suitability of the cloud for your workloads
Risk assessment of the associated workloads
Overview of cloud suitability
2 Business-Critical Workload Analysis
The Purpose
Explore your business-critical workloads and the associated controls and mitigating services to secure them.
Key Benefits Achieved
Address NIST 800-53 security controls and the appropriate security services that can mitigate the risks appropriately.
Activities
2.1 “A” Environment Analysis
2.2 “B” Environment Analysis
2.3 “C” Environment Analysis
2.4 Prioritized Security Controls
2.5 Effort and Risk Dashboard Overview
Outputs
NIST 800-53 control mappings and relevancy
NIST 800-53 control mappings and relevancy
NIST 800-53 control mappings and relevancy
Prioritized security controls based on risk and environmental makeup
Mitigating security services for controls
Effort and Risk Dashboard
3 Cloud Security Architecture Mapping
The Purpose
Identify security services to mitigate challenges posed by the cloud in various areas of security.
Key Benefits Achieved
Comprehensive list of security services, and their applicability to your network environment. Documentation of your “current” state of cloud security.
Activities
3.1 Cloud Security Control Mapping
3.2 Cloud Security Architecture Reference Model Mapping
Outputs
1. Cloud Security Architecture Archive Document to codify and document each of the associated controls and their risk levels to security services
2. Mapping of the codified controls onto Info-Tech’s Cloud Security Architecture Reference Model for clear security prioritization
4 Cloud Security Strategy Planning
The Purpose
Prepare a communication deck for executive stakeholders to socialize them to the state of your cloud security initiatives and where you still have to go.
Key Benefits Achieved
A roadmap for improving security in the cloud.
Activities
4.1 Cloud Security Strategy Considerations
4.2 Cloud Security Architecture Communication Deck
Outputs
Consider the additional security considerations of the cloud for preparation in the communication deck.
Codify all your results into an easily communicable communication deck with a clear pathway for progression and implementation of security services to mitigate cloud risks.