Identify the Components of Your Cloud Security Architecture

Security in the cloud requires solutions, not speculation.
 Join Now

If you're already a member, click here to log in.

Major Business Pain Points

  • Leveraging the cloud introduces IT professionals to a new world that they are tasked with securing. Consumers do not know what security services they need and when to implement them.
  • With many cloud vendors proposing to share the security responsibility, it can be a challenge for organizations to develop a clear understanding of how they can best secure their data off premises.
Identify the Components of Your Cloud Security Architecture-Pain Points

Recommendations

Key Points

  • Your cloud security architecture needs to be strategic, realistic, and based on risk. The NIST approach to cloud security is to include everything security into your cloud architecture to be deemed secure. However, you can still have a robust and secure cloud architecture by using a risk-based approach to identify the necessary controls and mitigating services for your environment.
  • The cloud is not the right choice for everyone. You’re not as unique as you think. Start with a reference model that is based on your risks and business attributes and optimize it from there.
  • Your responsibility doesn’t end at the vendor. Even if you outsource your security services to your vendors, you will still have security responsibilities to address
  • Don’t boil the ocean; do what is realistic for your enterprise. Your cloud security architecture should be based on securing your most critical assets. Use our reference model to determine a launch point.
  • A successful strategy is holistic. Controlling for cloud risks comes from knowing what the risks are. Consider the full spectrum of security, including both processes and technologies.
Identify the Components of Your Cloud Security Architecture-Recommendations

Approach

  • The business is adopting a cloud environment and it must be secured, which includes:
  • Ensuring business data cannot be leaked or stolen.
  • Maintaining the privacy of data and other information.
  • Securing the network connection points.
  • Knowing the risks associated with the cloud and mitigating those risks with the appropriate services.
  • This blueprint and associated tools are scalable for all types of organizations within various industry sectors. It allows them to know what types of risk they are facing and what security services are strongly recommended to mitigate those risks.
 Subscribe to Premium

Methodology and Tools

Executive Brief

Read our concise Executive Brief to find out why you should create a cloud security architecture with security at the forefront, review the methodology, and understand the four ways we can support you in completing this project. 

  • Identify the Components of Your Cloud Security Architecture – Executive Brief
  • Identify the Components of Your Cloud Security Architecture – Phases 1-4

1. Cloud security alignment analysis

Explore how the cloud changes and whether your enterprise is ready for the shift to the cloud.

  • Identify the Components of Your Cloud Security Architecture – Phase 1: Cloud Security Alignment Analysis
  • Cloud Security Architecture Workbook

2. Business-critical workload analysis

Analyze the workloads that will migrated to the cloud. Consider the various domains of security in the cloud, considering the cloud’s unique risks and challenges as they pertain to your workloads.

  • Identify the Components of Your Cloud Security Architecture – Phase 2: Business-Critical Workload Analysis

3. Cloud security architecture mapping

Map your risks to services in a reference model from which to build a robust launch point for your architecture.

  • Identify the Components of Your Cloud Security Architecture – Phase 3: Cloud Security Architecture Mapping
  • Cloud Security Architecture Archive Document

Cloud Security Architecture Reference Model (Visio)

  • Cloud Security Architecture Reference Model (PDF)

4. Cloud security strategy planning

Map your risks to services in a reference architecture to build a robust roadmap from.

  • Identify the Components of Your Cloud Security Architecture – Phase 4: Cloud Security Strategy Planning
  • Cloud Security Architecture Communication Deck

    All resources on this page are provided to Cyber Leadership Hub members under license from third parties including Info-Tech Research Group Inc, a global leader in providing IT research and advice.