Security icon

Build a Cloud Security Strategy

Secure the cloud by considering its unique challenges.

Get Instant Access to this Blueprint

Contributors

  • Yvon Day, Asset Management Consultant, BDC
  • Christopher Odediran, Head of IT Asset Management, Mott Macdonald
  • Tammy Krauthammer, VP of Technology, LPL Financial
  • Luz Cervantes, IT Asset Manager, Northgate Markets

Your Challenge

  • Leveraging the cloud introduces IT professionals to a new world that they are tasked with securing.
  • With many cloud vendors proposing to share the security responsibility, it can be a challenge for organizations to develop a clear understanding of how they can best secure their data off premises.

Our Advice

Critical Insight

  • Cloud security is not fundamentally different from security on premises.
  • While some of the mechanics are different, the underlying principles are the same. Accountability doesn’t disappear.
  • By virtue of its broad network accessibility, the cloud does expose decisions to extreme scrutiny, however.

Impact and Result

  • The business is adopting a cloud environment and it must be secured, which includes:
    • Ensuring business data cannot be leaked or stolen.
    • Maintaining privacy of data and other information.
    • Securing the network connection points.
  • This blueprint and associated tools are scalable for all types of organizations within various industry sectors.

Research & Tools

Start Here – read the Executive Brief

Read our concise Executive Brief to find out why you should build a cloud security strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

1. Explore security considerations for the cloud

Explore how the cloud changes the required controls and implementation strategies for a variety of different security domains.

2. Prioritize initiatives and construct a roadmap

Develop your organizational approach to various domains of security in the cloud, considering the cloud’s unique risks and challenges.

Guided Implementations

This guided implementation is a seven call advisory process.

Guided Implementation #1 - Explore security considerations for the cloud

Call #1 - Scope requirements, objectives, and your specific challenges.
Call #2 - Review cloud considerations for security controls.
Call #3 - Discuss security implications of cloud service models.
Call #4 - Finalize list of initiatives for securing the cloud.

Guided Implementation #2 - Prioritize initiatives and construct a roadmap

Call #1 - Prioritize initiatives identified in Phase 1.
Call #2 - Build execution waves and introduce Gantt chart.
Call #3 - Finalize roadmap and discuss next steps.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019