Get Instant Access
to This Blueprint

Security icon

Build a Cloud Security Strategy

Secure the cloud by considering its unique challenges.

  • Leveraging the cloud introduces IT professionals to a new world that they are tasked with securing.
  • With many cloud vendors proposing to share the security responsibility, it can be a challenge for organizations to develop a clear understanding of how they can best secure their data off premises.

Our Advice

Critical Insight

  • Cloud security is not fundamentally different from security on premises.
  • While some of the mechanics are different, the underlying principles are the same. Accountability doesn’t disappear.
  • By virtue of its broad network accessibility, the cloud does expose decisions to extreme scrutiny, however.

Impact and Result

  • The business is adopting a cloud environment and it must be secured, which includes:
    • Ensuring business data cannot be leaked or stolen.
    • Maintaining privacy of data and other information.
    • Securing the network connection points.
  • This blueprint and associated tools are scalable for all types of organizations within various industry sectors.

Build a Cloud Security Strategy

Start Here – read the Executive Brief

Read our concise Executive Brief to find out why you should build a cloud security strategy, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

1. Explore security considerations for the cloud

Explore how the cloud changes the required controls and implementation strategies for a variety of different security domains.

2. Prioritize initiatives and construct a roadmap

Develop your organizational approach to various domains of security in the cloud, considering the cloud’s unique risks and challenges.


Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.3/10


Overall Impact

$61,979


Average $ Saved

18


Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

Bank of Jamaica

Guided Implementation

9/10

N/A

5

Renown Health

Guided Implementation

10/10

$61,979

47

BDO Digital, LLC

Guided Implementation

9/10

N/A

2


Onsite Workshop: Build a Cloud Security Strategy

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Define Your Approach

The Purpose

Define your unique approach to improving security in the cloud.

Key Benefits Achieved

An understanding of the organization’s requirements for cloud security.

Activities

Outputs

1.1

Define your approach to cloud security.

  • Defined cloud security approach
1.2

Define your governance requirements.

  • Defined governance requirements
1.3

Define your cloud security management requirements.

Module 2: Respond to Cloud Security Challenges

The Purpose

Explore challenges posed by the cloud in various areas of security.

Key Benefits Achieved

An understanding of how the organization needs to evolve to combat the unique security challenges of the cloud.

Activities

Outputs

2.1

Explore cloud asset management.

2.2

Explore cloud network security.

2.3

Explore cloud application security.

2.4

Explore log and event management.

2.5

Explore cloud incident response.

2.6

Explore cloud eDiscovery and forensics.

2.7

Explore cloud backup and recovery.

  • Understanding of cloud security strategy components (cont.).

Module 3: Build Cloud Security Roadmap

The Purpose

Identify initiatives to mitigate challenges posed by the cloud in various areas of security.

Key Benefits Achieved

A roadmap for improving security in the cloud.

Activities

Outputs

3.1

Define tasks and initiatives.

3.2

Finalize your task list

  • Defined task list.
3.3

Consolidate gap closure actions into initiatives.

3.4

Finalize initiative list.

3.5

Conduct a cost-benefit analysis.

  • Cost-benefit analysis
3.6

Prioritize initiatives and construct a roadmap.

  • Roadmap
3.7

Create effort map.

  • Effort map
3.8

Assign initiative execution waves.

3.9

Finalize prioritization.

3.10

Incorporate initiatives into a roadmap.

3.11

Schedule initiatives.

  • Initiative schedule
3.12

Review your results.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

Member Rating

9.3/10
Overall Impact

$61,979
Average $ Saved

18
Average Days Saved

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve.

Read what our members are saying

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Need Extra Help?
Try Our Guided Implementations

Get the help you need in this 2-phase advisory process. You'll receive 7 touchpoints with our researchers, all included in your membership.

Guided Implementation #1 - Explore security considerations for the cloud
  • Call #1 - Scope requirements, objectives, and your specific challenges.
  • Call #2 - Review cloud considerations for security controls.
  • Call #3 - Discuss security implications of cloud service models.
  • Call #4 - Finalize list of initiatives for securing the cloud.

Guided Implementation #2 - Prioritize initiatives and construct a roadmap
  • Call #1 - Prioritize initiatives identified in Phase 1.
  • Call #2 - Build execution waves and introduce Gantt chart.
  • Call #3 - Finalize roadmap and discuss next steps.

Author(s)

Jeremy Roberts

Ian Mulholland

Contributors

  • Yvon Day, Asset Management Consultant, BDC
  • Christopher Odediran, Head of IT Asset Management, Mott Macdonald
  • Tammy Krauthammer, VP of Technology, LPL Financial
  • Luz Cervantes, IT Asset Manager, Northgate Markets
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019